Russian Hackers Can Track Anyone Who Uses Chrome & Firefox

Most hackers won't look beyond exploiting the basic weaknesses in web browsers, but one hacker collective has gone a step further. According to Kaspersky, Turla, a Russian group, has attempted to fingerprint TLS-encrypted web traffic by modifying Chrome and Firefox.

The group first infects systems with a remote access trojan and then modifies the browsers: first by installing its own certificates (to intercept TLS traffic from the host), and afterward by patching the pseudo-random number generation used to set up TLS connections. That allows them to add a fingerprint to every TLS action and passively track secure traffic.

The motives of these hackers are unclear as of yet: if a system is already infected with the trojan, there is no need to patch the browser to spy on its traffic. According to reports, it might be a foolproof method to let them keep spying on the traffic of users who remove the virus but don't reinstall their browsers.

The hacker collective is easier to identify: Turla is thought to be protected by the Russian government, and the initial targets are based in Russia and Belarus.
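
Because the modification starts with attacker-installed certificates, one practical check is to compare the currently trusted root certificates against a baseline taken from a known-clean system. The following is an added example, not code from Kaspersky's report or this article; the function names are its own and the sample "certificates" are constructed placeholder bytes.

```python
import hashlib
import re
import ssl

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----", re.S)


def fingerprints_from_pem(bundle: str) -> dict:
    """Map SHA-256(DER) fingerprint -> PEM text for every cert in a bundle."""
    found = {}
    for pem in PEM_RE.findall(bundle):
        der = ssl.PEM_cert_to_DER_cert(pem)
        found[hashlib.sha256(der).hexdigest()] = pem
    return found


def fingerprints_from_windows_store(store: str = "ROOT") -> dict:
    """Same mapping, read live from a Windows system store (Windows only)."""
    found = {}
    for der, encoding, _trust in ssl.enum_certificates(store):
        if encoding == "x509_asn":  # plain X.509; skip PKCS#7 bundles
            fp = hashlib.sha256(der).hexdigest()
            found[fp] = ssl.DER_cert_to_PEM_cert(der)
    return found


def unexpected_roots(baseline: dict, current: dict) -> dict:
    """Certificates trusted now that are absent from the known-good baseline."""
    return {fp: pem for fp, pem in current.items() if fp not in baseline}


# Constructed sample data: placeholder bytes stand in for real DER certificates.
CLEAN_ROOTS = [b"constructed-vendor-root-1", b"constructed-vendor-root-2"]
ADDED_ROOT = b"constructed-unknown-root"
BASELINE_PEM = "".join(ssl.DER_cert_to_PEM_cert(d) for d in CLEAN_ROOTS)
CURRENT_PEM = "".join(
    ssl.DER_cert_to_PEM_cert(d) for d in CLEAN_ROOTS + [ADDED_ROOT])

if __name__ == "__main__":
    baseline = fingerprints_from_pem(BASELINE_PEM)
    current = fingerprints_from_pem(CURRENT_PEM)
    # On Windows, use fingerprints_from_windows_store() for `current` and a
    # PEM export from a clean image for `baseline`.
    for fp in sorted(unexpected_roots(baseline, current)):
        print("root certificate not in baseline:", fp)
```

Firefox keeps its own certificate database by default, so its roots have to be exported to a PEM bundle and checked separately. A clean trust store says nothing about a patched browser binary, which is why the article's point about reinstalling the browsers still applies.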

  • 1st they need to install the trojan in your system
    2nd they need to install the certificates.
    and then they are able to spy.
    Easy …?

    Who is going to be affected?
    A person with an age-old Windows (<10)
    Updates are disabled
    Firewall is disabled
    No Antivirus

  • The patching of the pseudo number generator is one thing, but what about the security policy for SSL certificates? Pretty sure you can restrict which certificates are allowed via group policy.

        • I was caught in university for gaining access to their servers, but the funny thing is they caught me after one year.
          I had accessed professor creds as well, and network drives.

          Also I haven't paid for internet for more than 3 years. That's because I've hacked wifi APs around the area where I live.

          • Using someone else's network makes you more vulnerable. They can easily play with your traffic using MITM methods. A real pro must not underestimate anything, meaning no flaws at all, and lastly I advise you to review the Pak cyber act.

