Ataque NetCAT: CPU del servidor de grado Intel explotado para fugas de información confidencial

Ataque NetCAT: CPU del servidor de grado Intel explotado para fugas de información confidencial

1 Star2 Stars3 Stars4 Stars5 Stars (Sin clasificación todavía)
Cargando ...

los investigadores de seguridad cibernética han descrito un nuevo tipo de ataque con procesadores Intel servidor de grado ya 2012. El ataque se basa en una vulnerabilidad llamado NetCAT (Ataque a la red de caché).

The vulnerability could allow sniffing data by mounting a side-channel attack over the network. The discovery of the NetCAT attack comes from researchers from the VUSec group at Vrije Universiteit Amsterdam.

NetCAT shows that network-based cache side-channel attacks are a realistic threat,” explican los investigadores. Cache attacks are not uncommon and they have been used to leak sensitive data on a local setting. NetCAT only shows how this threat extends to untrusted clients over the network. Si se explota, NetCAT can leak sensitive information such as keystrokes in a SSH session from remote servers with no local access, el informe dice.

What is the cause of NetCAT?

The vulnerability stems from a recent Intel feature called DDIO, which grants network devices and other peripherals access to the CPU cache. Designed with the idea to be a performance optimization in fast networks, DDIO has severe security implications, note the researchers. These issues expose servers in local untrusted networks to remote side-channel attacks.

Through their work, the researchers show how NetCAT can break the confidentiality of a SSH session from a third machine. Lo más importante, no malicious software running on the remote server is needed, as the attacker is doing this by sending network packets to the remote server.

More about the attack:

With NetCAT, we can leak the arrival time of the individual network packets from a SSH session using a remote cache side channel. Why is this useful? In an interactive SSH session, every time you press a key, network packets are being directly transmitted. Como resultado, every time a victim you type a character inside an encrypted SSH session on your console, NetCAT can leak the timing of the event by leaking the arrival time of the corresponding network packet. Ahora, humans have distinct typing patterns. Por ejemplo, typing ‘s’ right after ‘a’ is faster than typing ‘g’ after ‘s’. Como resultado, NetCAT can operate statical analysis of the inter-arrival timings of packets in what is known as a keystroke timing attack to leak what you type in your private SSH session.

Relacionado: TLBleed vulnerabilidad afecta a procesadores Intel tras la fusión

It should be noted that in November 2018, two side-channel attacks were uncovered by security researchers -the so-called Portsmash side-channel vulnerability, y a GPU exploit. Portsmash is similar to previous cases like Meltdown.

By exploiting this bug hackers could hijack information from processes that are running in the same core. The demonstrated proof-of-concept code showed how it is possible to steal the private key during an OpenSSL session. The performed tests showcased that Intel Skylake and Kaby Lake are impacted by this.

As for the exploits regarding GPU cards, they could target individual end-users that use them in day-to-day activities as well as clusters that rely on GPUs for distributed computing.


Milena Dimitrova

Un escritor inspirado y gestor de contenidos que ha estado con SensorsTechForum de 4 año. Disfruta ‘Sr.. Robot’y miedos‘1984’. Centrado en la privacidad de los usuarios y el desarrollo de malware, ella cree firmemente en un mundo donde la seguridad cibernética juega un papel central. Si el sentido común no tiene sentido, ella estará allí para tomar notas. Esas notas pueden convertirse más tarde en artículos!

Más Mensajes

Dejar un comentario

Su dirección de correo electrónico no será publicada. Los campos necesarios están marcados *

Se agotó el tiempo límite. Vuelve a cargar de CAPTCHA.

Compartir en Facebook Compartir
Cargando ...
Compartir en Twitter Pío
Cargando ...
Compartir en Google Plus Compartir
Cargando ...
Compartir en Linkedin Compartir
Cargando ...
Compartir en Digg Compartir
Compartir en Reddit Compartir
Cargando ...
Compartir en Stumbleupon Compartir
Cargando ...