Skip to main content

Torpig data shows that even SSL logins are vulnerable

From the fascinating analysis of the Torpig botnet:

“Form data items contain the content of HTML forms submitted via POST requests by the victim’s browser. More precisely, Torpig collects the URL hosting the form, the URL that the form is submitted to, and the name, value, and type of all form fields. These data items frequently contain the usernames and passwords required to authenticate with web sites,” the paper add explaining in a added note that even credentials transmitted over HTTPS are not safe from Torpig, “since Torpig can access them before they are encrypted by the SSL layer (by hooking appropriate library functions).”

The only way to prevent this kind of attack is with two-factor authentication.



Current rating: 1

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom