ROBOT Attack: 19-Year-Old Bug Returns With More Power To Target Facebook & Paypal

A team of security researchers has developed a modified version of the decryption attack first revealed in 1998 by cryptographer Daniel Bleichenbacher.

The attack can compromise a website’s RSA encryption by decrypting the data using the private key of the TLS server. It was possible because of the vulnerability present in the RSA algorithm used in SSL protocol, exploited by Bleichenbacher.

Now, the security researchers have managed to revive it in the name of ROBOT attack by slightly modifying things and make it work on the SSL’s successor TLS (Transport Layer Security).

In a blog spot, the researchers said that the vulnerabilities revealed by Bleichenbacher weren’t removed but countermeasures were added in the SSL successor TLS protocol. “Later research showed that these countermeasures were incomplete leading the TLS designers to add more complicated countermeasures.”

The worst affected products and websites are the ones which only use RSA encryption key exchanges. It’s possible for the attacker to perform MITM attacks to capture network traffic and decrypt the same later. For the websites that support a vulnerable RSA encryption key exchange but use forward secrecy, the level of risk depends on how fast the attacker can perform the attack.

The researchers found that 27 out of the Alexa top 100 websites are exploitable. This includes Facebook which already got fixed back in October, according to Forbes. Otherwise, it would have allowed an attacker to compromise people’s accounts. Another big name is PayPal. Further, the list includes affected products from Cisco, F5, Citrix.

The researchers have provided the details about security patches from affected vendors in the blog post which also includes the tools that can be used to test the Robot attack.

For end-users, there is nothing to do because the Robot attack exploits server-side vulnerabilities. Also, the attack doesn’t affect Bitcoins. The cryptocurrency uses Elliptic Curve Diffie Hellman key exchange instead of RSA. However, there is an indirect hard way the attack could be performed.

Also Read: How To Check And Remove HP Keylogger From Your Laptop?
Aditya Tiwari

Aditya Tiwari

Aditya likes to cover topics related to Microsoft, Windows 10, Apple Watch, and interesting gadgets. But when he is not working, you can find him binge-watching random videos on YouTube (after he has wasted an hour on Netflix trying to find a good show). Reach out at [email protected]
More From Fossbytes

Latest On Fossbytes

Find your dream job