Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Heartbleed Virus


  • Please log in to reply
10 replies to this topic

#1 rlight

rlight

  • Members
  • 223 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Washington State
  • Local time:09:07 PM

Posted 09 April 2014 - 11:46 PM

On the news today there was an warning about the Heartbleed Virus.  They mentioned the need to change all our passwords.  I can't find much information on this.  What is the truth about this virus?

 

rlight



BC AdBot (Login to Remove)

 


#2 NickAu1

NickAu1

    Bleepin' Defenestraphobic


  • Members
  • 2,006 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:There's no place like 127.0.0.1
  • Local time:12:07 PM

Posted 10 April 2014 - 12:39 AM

Heartbleed is basically a buffer exploit, Not a virus.


Linux - Ubuntu 14.04 LTS 64bit --Intel® Core i5 Processor 4460. MSI H81-P33 MB,  16GB Ram,  256GB mSATA SSD Boot + 1TB 5400RPM SATA .

Ubuntu Desktop Computing Made Easy (Trusty 14.04 LTS)

NoScript Configuration Guide

 

Windows users.

Answers to common security questions - Best Practices   .By Quietman7
 


#3 noknojon

noknojon

    Almost Retired


  • Members
  • 9,896 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:12:07 PM

Posted 10 April 2014 - 01:01 AM

You can check out the FAQs for answers to your questions at:
http://heartbleed.com/



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,866 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:07 PM

Posted 10 April 2014 - 05:40 AM

Heartbleed has already been reported and discussed in this topic..
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 1,268 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:07 AM

Posted 11 April 2014 - 05:55 PM

Heartbleed is not a virus, it's a vulnerability (computer vulnerabilities are numbered, the number for the heartbleed vulnerability is CVE-2014-0160).

 

Simply put, a vulnerability is a programming error that can be used for unwanted purposes (this is called exploiting a vulnerability).

This particular programming error provides unwanted access to data that should not be disclosed. This data can be passwords.

 

Since it is a possibility (but not a certainty) that unauthorized parties have gathered confidential data like passwords from servers with this vulnerability, experts are advising to change passwords.


Edited by Didier Stevens, 11 April 2014 - 05:57 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com
Microsoft MVP 2011-2014 Consumer Security
Posted Image

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,866 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:07 PM

Posted 11 April 2014 - 06:20 PM

Just watched the news and the anchor reported it as a bad virus.

I'm not surprised, journalism no longer includes reporting all the facts...instead we get misleading and slanted news coverage the editors think we should have. :wink:
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#7 OldPhil

OldPhil

    Doppleganger


  • Members
  • 2,148 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Long Island New York
  • Local time:09:07 PM

Posted 12 April 2014 - 01:49 AM

I guess we should have known!  http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html


COUGAR SolutionRSB400 tower 400 watt supply Win 7 Pro

Gigabyte Z77X-UP5 TH-CF  board Intel Core i5-3570K @ 3.40GHz

16 Gigs Mushkin DDR3 SDRAM PC3-12800, 64 Gig ADATA SX900 SSD

120 Gig INTEL SS DSC2CT120A3 SSD, Three others up and running


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,866 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:07 PM

Posted 12 April 2014 - 06:49 AM

I posted that link in the discussion topic and Didier Stevens provided some additional comments.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#9 Crazy Cat

Crazy Cat

  • Members
  • 409 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:01:07 PM

Posted 13 April 2014 - 12:09 AM

Snowden interview: Is encrypting my e-mail any good at defeating the NSA surveillance? Is my data protected by standard encryption?

Encryption works, Snowden responded. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.

Back when the NSA was routinely weakening commercial cryptography, their favorite technique was reducing the entropy of the random number generator. https://www.schneier.com/blog/archives/2008/05/random_number_b.html

While NO absolute evidence, maybe the NSA infiltrated OpenSSL and compromised it with a backdoor?

Edited by Crazy Cat, 13 April 2014 - 12:12 AM.

 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#10 Crazy Cat

Crazy Cat

  • Members
  • 409 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:01:07 PM

Posted 14 April 2014 - 08:21 PM

RSA ties to NSA PRISM spooks go deeper than first thought. http://www.v3.co.uk/v3-uk/news/2337363/rsa-ties-to-nsa-prism-spooks-go-deeper-than-first-thought

Developer behind Heartbleed bug admits error but defends open source project. http://www.v3.co.uk/v3-uk/news/2339416/developer-behind-heartbleed-bug-admits-error-but-defends-open-source-project

Heartbleed is a catastrophic security calamity, bemoans Bruce Schneier. http://www.v3.co.uk/v3-uk/news/2338987/heartbleed-is-a-catastrophic-security-calamity-bemoans-bruce-schneier
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#11 Crazy Cat

Crazy Cat

  • Members
  • 409 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:01:07 PM

Posted 16 April 2014 - 02:23 AM

Apparently, there is an email scam circulating that "mshearts.exe" is the Heartbleed virus or vulnerable MS app that needs patching from the Heartbleed exploit.

C:\WINDOWS\system32\mshearts.exe

The scammers then get you to download a MS patch that is malware.

Has anyone else see this email scam?
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users