• Malware Can Spread Through Software Updates

    by  • August 2, 2016 • Ethical hacking, Network Security, Packet Sniffing • 1 Comment

    We have seen exploits in plug ins & apps are helping hackers to find vulnerabilities & intrude inside a secured system or a network, I came across the news from cnet.com which says that two researchers from Israeli security firm Radware have found out a way which gives access to a computer by updating any software mostly affects the Skype &  other applications.

    This is terrible, It raises a question that we should download an update or not ? according to these two geeks named Itzik Kotler and Tomer Bitton more than hundred applications can be targeted from cnet.com downloads, which is one of the most trusted downloading site for all  Internet users.

    The tool is named as ippon (Means ‘Game Over’ in the game of Judo), It gives 3d View pf user who is trying to connect to the update server.

    It scans the local Wi-Fi Network & checks whether any victim is trying to check updates through HTTP requests, it detects the victim & try to reply before the update server & gains command over the updates.

    According to the makers the Microsoft browser is not vulnerable to this Malware attack as it uses digital signature to check for update. And they are yet to test Firefox & other major browsers which could possibly go under this Malware threat. What is more important that they have shown a security companies another hole to secure for.

    Software basically sends message that ‘Updates are available’, when user accepts request they send infected piece of code to that Vitim, which gives them command over  any PC.

    So folks, think twice before using a public wi-fi (specially the unsecured one)

    About

    Author is a Tech blogger & loves to share his work on web by writing guidelines for Ethical Hacking students & Security professionals. Performing various types of hacking from pen test to smartphone hacking – He enjoys hacking just for personal research purpose. Working with more of 'grey as well as black hat' hackers for learning advanced hacking as well as defending techniques & share them with learners. His prime area of research is Cyber Criminals & currently working on a Video Product Development to teach hacking & Pen Testing for absolute beginners.

    http://www.hackersenigma.com