Millions of connected objects and routers are at the mercy of hackers
Millions of connected objects and routers around the world suffer from a serious security breach. This breach allows an attacker to steal user data. Explanations.
Computer security experts from Nozomi Networks Labs have discovered a serious security flaw in all versions of uClibc and uClibc-ng. These are two widely used libraries of the C programming language. They are appreciated by developers who develop embedded systems based on Linux.
As the report published by Nozomi Networks Labs on Monday, May 2, 2022 points out, the flaw was caused by DNS queries generated by the library. According to the researchers, the identifiers of the requests are too predictable. For the record, a DNS is a service that translates an IP address (made up of numeric symbols) into a domain name (made up of letters). Each IP address is associated with a domain name.
Read also: Serious Security Flaw Puts Millions of Apps at Risk
The flaw in connected objects allows your data to be stolen
Libraries are heavily used by NetgearAxis, Linksys and other major IoT device vendors and routers dedicated to home automation. Since the flaw has not yet been patched, all devices from these brands are at the mercy of a seasoned hacker. Devices from over 200 different vendors are affected. Millions of terminals around the world are therefore at risk.
Leveraging this breach, hackers can deploy “DNS poisoning attacks against the target device”. Concretely, an attacker can deceive “a DNS client by having it accept a forged response” which will allow him to carry out communication on the network from another device.
Finally, the pirate is “capable of forwarding network communications to a server under its control”. He then takes control of the information exchanged by the user on the network. According to Viakoo, another firm specializing in security, hackers “are increasingly focused on spreading vulnerabilities through open source software libraries and exploiting them through IoT devices”.
“This vulnerability remains unpatched, but we are working with the library maintainer and the wider community to support the search for a fix”reassures Nozomi Networks Labs, which refuses to say more about the flaw until a fix has been found.