August 4, 2009 11:40 AM
- Text
Using Software Updates to Spread Malware
(CBS)
By CNET Staff Writer Elinor Mills
Two researchers from Israeli security firm Radware have figured out a way to trick computers into downloading malware or take over a computer by hijacking the communications during the update process for Skype and other applications.
About 100 applications, many among the most popular on CNET's Download.com, can be targeted, said Itzik Kotler, team leader of Radware's security operations center, before his presentation here at the Defcon conference.
Kotler and colleague Tomer Bitton are releasing a tool called Ippon (which means "game over" in Judo) that enables the attack and offers a 3D view of potential victims on a network.
With the tool, an attacker can scan a Wi-Fi network for computers checking for new updates via HTTP (Hyper Text Transport Protocol). If the system detects a computer sending a software update request, the tool replies before the app update server can respond, Kotler said.
Ippon customizes messages for the particular application and sends a message indicating that there is an update available even when the system already has the most recent legitimate update, he said. A malicious file is then downloaded from the attacker's server onto the victim's computer.
The researchers said they had not tested whether Firefox or other major browsers are vulnerable. Microsoft software is not vulnerable because it uses digital signatures in its update process, which all software updates should, Kotler said. People should be careful when using public Wi-Fi networks and avoid doing software updates on them, he said.
"You have to assume when on a public infrastructure that the infrastructure can be attacked," he added.
There is also the possibility that someone could spread an "airborne virus" via software updates that uses victim machines to attack and infect other machines on a network, according to Kotler.
Two researchers from Israeli security firm Radware have figured out a way to trick computers into downloading malware or take over a computer by hijacking the communications during the update process for Skype and other applications.
About 100 applications, many among the most popular on CNET's Download.com, can be targeted, said Itzik Kotler, team leader of Radware's security operations center, before his presentation here at the Defcon conference.
Kotler and colleague Tomer Bitton are releasing a tool called Ippon (which means "game over" in Judo) that enables the attack and offers a 3D view of potential victims on a network.
With the tool, an attacker can scan a Wi-Fi network for computers checking for new updates via HTTP (Hyper Text Transport Protocol). If the system detects a computer sending a software update request, the tool replies before the app update server can respond, Kotler said.
Ippon customizes messages for the particular application and sends a message indicating that there is an update available even when the system already has the most recent legitimate update, he said. A malicious file is then downloaded from the attacker's server onto the victim's computer.
The researchers said they had not tested whether Firefox or other major browsers are vulnerable. Microsoft software is not vulnerable because it uses digital signatures in its update process, which all software updates should, Kotler said. People should be careful when using public Wi-Fi networks and avoid doing software updates on them, he said.
"You have to assume when on a public infrastructure that the infrastructure can be attacked," he added.
There is also the possibility that someone could spread an "airborne virus" via software updates that uses victim machines to attack and infect other machines on a network, according to Kotler.
Popular Now in SciTech
- Apple iPad 3 rumors: thicker, sharper, coming soon
- Tesla's Model X: Finally, an electric car we all want
- Retro Duo will play your old Nintendo games
- Obama's 2012 campaign playlist now on Spotify
- FBI releases Steve Jobs background report
- iPad 3 mini on the way, says analyst
- Apple iPad 3 rumors resurface, sources say March release
- Apple iPhone 5 rumors, reports say June release
- Apple faces $1.6 billion iPad trademark lawsuit
- Hackers release Symantec pcAnywhere source code
- Facebook graffiti artist David Choe, from homeless to millions
- Apple supplier Foxconn hit by hackers
- Ethical iPhone 5 petitions head to Apple stores
- Google developing home entertainment system
- Apple iPad 3 rumors, let's get real
- Shocking Stats on Texting While Driving
- Facebook required for Spotify account, here's a trick
Latest CBS News Headlines
on Facebook Most Discussed Stories
on CBS News
- US increases travel warning to 14 Mexican states
- Italy: Wrecked cruise ship moves in rough seas
- Park Service to remove inscription on MLK Memorial
- Chicago's MCA debuts 1980s exhibit
on Facebook Most Discussed Stories
on CBS News
