The DNC keeps the Watergate file cabinet next to server hacked by Russia

The basement of the Democratic National Committee's Washington, DC, headquarters holds one of the most fitting images to come out of the hacks that dogged Democrats in the 2016 presidential election. On the left: a 1960s-era file cabinet that was jimmied open during the 1972 Watergate break-in. On the right: a DNC server that was hacked by what the US intelligence community says were Russian operatives.

The photo is from an 8,300-word New York Times article about how two separate Russian government groups hacked the DNC. The hacks first came to light in June, and the rough outline is well known. For months, the intruders had free rein over the DNC's computers. Over time, the Russians extended their reach into the Gmail accounts of Clinton campaign chairman John Podesta, former Secretary of State Colin Powell, and others. The series of DNC blunders, bordering on ineptitude, that allowed the attacks to succeed has been well documented. Those blunders are now coming into sharper focus.

Like the feeble filing cabinet, the shortcomings exposed in the New York Times' blow-by-blow account show just how ineffective and doomed the DNC's defenses were against a much better organized adversary. Equally important, the report reveals how a "series of missed signals, slow responses, and a continuing underestimation of the seriousness of the cyberattack"—apportioned in almost equal parts among members of the FBI, the DNC, and the Clinton campaign—allowed the hacking drama to play out.


‘SSL Death Alert’ (CVE-2016-8610) Can Cause Denial of Service to OpenSSL Servers

Recently we noticed that a security patch had been published for the OpenSSL vulnerability called SSL Death Alert. As with other serious security vulnerabilities, this one grabbed our attention because the discoverer of the vulnerability says that it may cause a denial of service on an OpenSSL web server. To better protect our customers from this attack and provide detection and prevention for this vulnerability, the McAfee Labs IPS Vulnerability Research team looked into this issue.

Our analysis started with a diff report of the newly pushed code.

[Screenshot: 2016-12-13-openssl-death-alert-1]

As we can see in the diffing results, a couple of files have been modified to fix this problem.

The patch diff of include/openssl/ssl.h reveals the new error code SSL_R_TOO_MANY_WARN_ALERTS (409) has been introduced.

[Screenshot: 2016-12-13-openssl-death-alert-2]

In ssl/record/record_locl.h, we can see the directive MAX_WARN_ALERT_COUNT has been introduced and is set to 5.

[Screenshot: 2016-12-13-openssl-death-alert-3]

Now let’s look into the actual patch, which sits in the files ssl/record/rec_layer_d1.c and ssl/record/rec_layer_s3.c.

The following screen shots show the patch changes in the two files.

ssl/record/rec_layer_d1.c

[Screenshot: 2016-12-13-openssl-death-alert-4]

ssl/record/rec_layer_s3.c

[Screenshot: 2016-12-13-openssl-death-alert-5]

As we can see, the patch is pretty simple and straightforward. It counts the number of consecutive SSL3_AL_WARNING alert packets and raises an error if that count exceeds five.

Exploiting this issue

To provide detection and prevention for this DoS attack, we created a minimal proof of concept. Although there is no public exploit, the advisory provides a lot of technical details. To exploit this bug, we must initiate the SSL handshake. As part of the handshake, the attacker has to send a genuine Client Hello packet to the server. The following screen shot shows a packet capture of the first stage of the exploit, a normal Client Hello packet.

[Screenshot: 2016-12-13-openssl-death-alert-6]

As described in the security advisory, to exhaust the CPU, we need to send a large number of crafted cleartext SSL3_AL_WARNING alert packets to the server. To do this, we must understand the structure of an alert packet. The message looks like the following, from this TLS protocol memo.

[Screenshot: 2016-12-13-openssl-death-alert-7]

An alert message can be encrypted, but in this case we have to send a cleartext alert to the vulnerable server.

The following screen shot shows captured SSL3_AL_WARNING packets in our test environment.

[Screenshot: 2016-12-13-openssl-death-alert-8]

Next we see multiple alerts packed inside a single record.

[Screenshot: 2016-12-13-openssl-death-alert-9]

The alert packet structure looks like this:

[Screenshot: 2016-12-13-openssl-death-alert-10]
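As an added example (not code from the McAfee post or from OpenSSL), the following C program mirrors the patch's check described above over a constructed TLS record stream: it parses the 5-byte record header and the two-byte level/description alert body, counts consecutive cleartext warning alerts (several may share one record), resets on any non-alert record, and rejects the stream once the count reaches MAX_WARN_ALERT_COUNT (5). The handshake record contents, the user_canceled description byte and the check_stream helper are assumptions made for the demo.

```c
/* Added example (not OpenSSL or McAfee code): walk a TLS record stream, count
 * consecutive cleartext warning alerts, and apply the patch's limit of 5. */
#include <stdint.h>
#include <string.h>
#define TLS_RT_ALERT         0x15  /* record content type: alert */
#define SSL3_AL_WARNING      1     /* alert level byte: warning */
#define MAX_WARN_ALERT_COUNT 5     /* limit introduced by the patch */

/* Returns the consecutive warning-alert count, -1 once it hits MAX_WARN_ALERT_COUNT
 * (where the patched server raises SSL_R_TOO_MANY_WARN_ALERTS), -2 if malformed. */
int scan_warn_alerts(const uint8_t *buf, size_t len)
{
    int count = 0; size_t off = 0;
    while (off + 5 <= len) {                    /* 5-byte record header */
        uint8_t type = buf[off];
        size_t rlen = ((size_t)buf[off + 3] << 8) | buf[off + 4];
        off += 5;
        if (rlen == 0 || rlen > len - off) return -2;
        if (type != TLS_RT_ALERT) { count = 0; off += rlen; continue; } /* reset */
        if (rlen % 2) return -2;                /* alert = level + description */
        for (size_t i = 0; i < rlen; i += 2) {  /* several alerts may share a record */
            if (buf[off + i] != SSL3_AL_WARNING) return count; /* fatal: connection ends */
            if (++count == MAX_WARN_ALERT_COUNT) return -1;
        }
        off += rlen;
    }
    return count;
}

/* Constructed input: stand-in handshake record (type 0x16, dummy body), then n_records
 * alert records each holding n_alerts warning alerts (level 1, desc 90 = user_canceled). */
size_t build_stream(uint8_t *buf, int n_records, int n_alerts, int hs_between)
{
    static const uint8_t hs[] = {0x16, 0x03, 0x01, 0x00, 0x04, 1, 0, 0, 0};
    size_t off = sizeof hs, body = 2 * (size_t)n_alerts;
    memcpy(buf, hs, off);
    for (int r = 0; r < n_records; r++) {
        /* hs_between: a handshake record between alerts resets the server's counter */
        if (hs_between && r) { memcpy(buf + off, hs, sizeof hs); off += sizeof hs; }
        buf[off++] = TLS_RT_ALERT; buf[off++] = 0x03; buf[off++] = 0x01;
        buf[off++] = (uint8_t)(body >> 8); buf[off++] = (uint8_t)body;
        for (int i = 0; i < n_alerts; i++) { buf[off++] = SSL3_AL_WARNING; buf[off++] = 90; }
    }
    return off;
}
int check_stream(int n_records, int n_alerts, int hs_between)
{
    uint8_t buf[512];
    return scan_warn_alerts(buf, build_stream(buf, n_records, n_alerts, hs_between));
}
```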

To test the developed exploit, we configured a test server with OpenSSL and a self-signed certificate and private key. The following screen shot shows the server listening on port 4433 and communicating with an SSL client.

[Screenshot: 2016-12-13-openssl-death-alert-11]

During normal SSL communications between server and client, we see nothing abnormal in the CPU consumption of the server process.

[Screenshot: 2016-12-13-openssl-death-alert-12]

As soon as we run the exploit against the server, however, we immediately see the server process stop responding as its CPU usage reaches 99% and, after a few seconds, 100%.

[Screenshot: 2016-12-13-openssl-death-alert-13]

The CPU spike causes a denial of service: the OpenSSL server becomes inaccessible. In our test environment, we noticed that the SSL service resumes as soon as we stop the exploit from sending malicious packets.

Server administrators should apply the patch to OpenSSL servers as soon as possible. McAfee Network Security Platform (IPS) signature 0x45c09000 provides detection and prevention for this attack.

The post ‘SSL Death Alert’ (CVE-2016-8610) Can Cause Denial of Service to OpenSSL Servers appeared first on McAfee Blogs.

Covert downloaders found preinstalled on dozens of low-cost Android phone models

Dozens of low-cost Android phone models come preinstalled with apps that covertly download and install adware and other unwanted programs, researchers said.

At least 26 phone models come preinstalled with a downloader dubbed Android.DownLoader.473.origin, according to a blog post published Monday by antivirus provider Doctor Web. Doctor Web researchers described the app as a downloader trojan that can download not only benign applications but also malicious and unwanted ones. One such app, known as H5GameCenter, displays ads on top of running applications. The image can't be removed, and infected users report that when they uninstall the app, Android.DownLoader.473.origin quickly downloads and installs it again.

Another preinstalled downloader Doctor Web detected is known as Android.Sprovider.7 and comes encrypted inside another app. It can automatically download Android application files and install them once the user taps a confirmation button, place phone calls to certain numbers, and show ads on top of apps.
