Russian Hackers Allegedly Modifying Chrome and Firefox, Secretly Tracks Secure Web Traffic
A Russian hacker group has been purportedly using a new technique that involves patching installed browsers like Chrome and Firefox to modify their internal settings and components.
Reports say that the attack is aimed to alter the way Chrome and Firefox setup HTTPS connections via adding an individual fingerprint for the TLS-encrypted web traffic coming from the infected computers.
Many hackers are known to exploit vulnerabilities in operating systems and browsers; however, not many are known to be so brave as to touch web browsers directly.
Related Article: Hackers Target SWIFT Users Using Bangladesh Heist Methods
According to a report published by Kaspersky, the hackers are hijacking the browsers with a remote access Trojan named Reductor. First, they install their very own digital certificates to the infected hosts, granting access to intercept and TLS traffic coming from the host.
Afterward, they modify the browsers in order to patch their pseudo-random number generation (PRNG) functions. This is believed to be a method used to establish new TLS handshakes for HTTPS connections.
Simply put, the hackers are piggybacking on the security features of Chrome and Firefox browsers in order to assign a unique fingerprint that identifies users and computers. This is then used to monitor TLS traffic without a problem.
Due to the complexity of the operation, the blame is being put on Turla, a renowned hacker group that is allegedly operating under the protection of the Russian Government.
Kaspersky also pointed out that this is something the group is capable of doing. In addition, this isn't the first time the group has been involved in a controversial hacking incident as well.
Related Article: iPhone Owners Beware, Your Smartphones Can Be Hacked Using Wi-Fi
Back in January 2018, a report from the cyber-security firm ESET uncovered that Turla hacked and compromised about four ISPs in Eastern Europe and the former Soviet space. The reported attack was put in motion to download and add malware to various legitimate files.
Now, Kaspersky believes that the January incident is somewhat similar to the current dilemma, leading them to strongly believe that Turla is behind the attack.
It is yet unclear how, when, or why this attack had happened; however, there are theories on what the group's motives are.
One of the most apparent theories is that of a source from ZDNet which stated that Turla is doing this to passively observe HTTPS traffic across the web. The same theory was also mentioned by Kaspersky in their statement.
Another plausible explanation is that the hackers are utilizing the unique TLS fingerprint as a secondary surveillance mechanism. It serves as a fail-safe plan in case the victims found and removed the Reductor trojan.
Nonetheless, Kaspersky reported that whatever the motive is, it's not breaking a user's encrypted traffic. Now, the Russian group is yet to release a statement, confirming or denying these allegations.
Experts are giving the public a warning though since the presence of Reductor RAT on a device would allow hackers to fully access and control the device in real-time.
Related Article: The Most Dangerous State-Sponsored Hackers Groups In The World
MORE IN ITECHPOST
How Scars are Formed and How to Remove It
Scar formation is a result of a biological process in skin after an injury or trauma. It is formed when the dermis layer of the skin is damaged. It is our body's way to repair tissues and organs and is a natural part of the healing process. A scar tissue is composed of the same type of collagen it is replacing with. Scars lacks elasticity compared to normal tissue. There are different degrees of scarring depending on the injury the tissue is subjected to.
Reasons to Use Magento for your Ecommerce Store
There are so many eCommerce platforms out there ready to help you build your storefront it can be difficult to choose the right one. More and more companies, from Liverpool Football Club to Coca Cola, are using Magento hosting for their online storefronts, and for good reason.
NASA Unveils New High-Tech Spacesuit for Artemis Mission
NASA is spending people on the moon again for the Artemis mission, and they have unveiled new spacesuits for it.
Fortnite Chapter 2 is Finally Here; Massive Changes Take Game to an Entirely New Level
Fortnite Chapter 2 competes with Call of Duty Mobile and the updated PUBG Mobile with some massive changes that take the Fortnite gaming experience to the next level.
4 In-Demand Professions That Pay Well In Canada
Canada is turning out to be an emerging place for fresh graduates and skilled people looking for jobs. Every year the ratio of unemployed people for every job keeps decreasing. This decline in the ratio is accredited to a lot of skilled professionals recently moving to Canada, more job vacancies and more opportunities.