New hacking technique imperceptibly changes memory virtual servers
For the first time ever a team of Dutch hacking experts, led by cyber security professor Herbert Bos, managed to alter the memory of virtual machines in the cloud without a software bug, using a new attack technique.
With this technique an attacker can crack the keys of secured virtual machines or install malware without it being noticed. It’s a new deduplication-based attack in which data can not only be viewed and leaked, but also modified using a hardware glitch. By doing so the attacker can order the server to install malicious and unwanted software or allow logins by unauthorized persons.
Deduplicationand Rowhammer bug
With the new attack technique Flip Feng Shui (FSS), an attacker rents a virtual machine on the same host as the victim. This can be done by renting many virtual machines until one of them lands next to the victim. A virtual machine in the cloud is often used to run applications, test new software, or run a website. There are public (for everyone), community (for a select group) and private (for one organization accessible) clouds. The attacker writes a memory page that he knows exists in the victim on the vulnerable memory location and lets it deduplicate. As a result, the identical pages will be merged into one in order to save space (the information is, after all, the same). That page is stored in the same part of the memory of the physical computer. The attacker can now modify the information in the general memory of the computer. This can be done by triggering a hardware bug dubbed Rowhammer, which causes flip bits from 0 to 1 or vice versa, to seek out the vulnerable memory cells and change them.
The researchers of the Vrije Universiteit Amsterdam, who worked together with a researcher from the Catholic University of Leuven, describe in their research two attacks on the operating systems Debian and Ubuntu. The first FFS attack gained access to the virtual machines through weakening OpenSSH public keys. The attacker did this by changing the victim’s public key with one bit. In the second attack, the settings of the software management application apt were adjusted by making minor changes to the URL from where apt downloads software. The server could then install malware that presents itself as a software update. The integrity check could be circumvented by making a small change to the public key that verifies the integrity of the apt-get software packages.
Debian, Ubuntu, OpenSSH and other companies included in the research were notified before the publication and all have responded. The National Cyber Security Centre (NSCS) of the Dutch government has issued a fact sheet containing information and advice on FFS.
The Latest on: Hacking
via Google News
The Latest on: Hacking
- Car-Hacking Expert Says Autonomous Cars Would Be Terrible Drug Muleson November 29, 2020 at 1:00 pm
Self-driving cars are going to be the biggest snitches, with all the data they collect about where they are and what they're up to.
- Zimbabwean man arrested for hacking his wife and five children to death in South Africaon November 28, 2020 at 7:41 am
A 34-year-old Zimbawean national who was alleged to have hacked his wife and five children to death in the Eastern Cape, South Africa h ...
- Network hacking and ransomware fueling global cybercrime surgeon November 26, 2020 at 4:22 am
Selling access to a company’s network is usually only one stage of the attack,” Group-IB reports. “The privileges gained might be used for both launching ransomware and stealing data, with the aim of ...
- Cybercriminals demanding $500,000 after hacking Delaware County computer network: Sourceson November 25, 2020 at 3:45 pm
Cybercriminals have attacked the Delaware County, Pennsylvania government network and taken it hostage. The criminals are demanding $500,000 to free it up.
- Main Danish news agency offline following hacking attackon November 24, 2020 at 6:45 am
Denmark's biggest news agency that delivers text and photos to Danish media was knocked offline following a hacking attack Tuesday.
- Hacking Group ‘ShinyHunters’ Alleged To Be Behind BigBasket Data Breachon November 12, 2020 at 2:34 am
Cyber intelligence company Cyble said it found conversations between cybercriminals and ShinyHunters on November 10 On November 8, BigBasket had filed a police complaint over the hacking incident ...
- Profitable Hacking Campaign Targets VoIP SIP Servers, Sells System Accesson November 11, 2020 at 4:47 am
The campaign is part of a larger, profitable hacking model. “By sending the password query parameter as an array element, attackers can cause the authentication function to fail before the ...
- Hacking Hub Virtual Meeting Is Presented to Solve the Social, Economic and Environmental Challenges of Jaliscoon November 10, 2020 at 7:16 pm
"Hacking Hub is a virtual meeting in hackathon format that, through three days of intense work, multiple people from different disciplines and academic degrees will work to find innovative and ...
- This hacking group is using previously unknown tools to target defence contractorson November 6, 2020 at 5:51 am
but further analysis reveals additional tactics and techniques of the campaign that has almost identical elements to Hidden Cobra – AKA The Lazarus Group – a hacking operation which the US ...
- Brazilian police investigate online hacking of high courton November 5, 2020 at 3:21 pm
SAO PAULO -- Brazil's federal police opened an investigation into the hacking of computers at one of the country's high courts on Thursday. The head of Brazil's Superior Court of Justice ...
via Bing News