
Hackers Exploit Software into Sharing Data Via WebRTC (CVE-2018-6849)


The security community has discovered a dangerous exploit that allows computer criminals to abuse VPN connections and private browsers, thereby accessing sensitive data.

VPN Software & Browsers Vulnerable to WebRTC Exploit

The security community has discovered a dangerous exploit that allows computer criminals to acquire private data through VPN connections and privacy browsers. This is done by targeting a vulnerability in the WebRTC technology, which is used for delivering content. The issue is tracked in a security advisory as CVE-2018-6849, whose description reads:

In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.


The criminals have been found to exploit the technology via a Metasploit module. Metasploit is one of the most popular platforms for launching attacks against single targets or whole computer networks. WebRTC is a technology that enables web browsers to communicate via a real-time API. Multiple services and JavaScript code can interact with the technology, which is frequently implemented in VPN software or privacy web browsers.

Once triggered, the exploit causes the target software to “leak” data, including the public and private IP addresses associated with the host. The technique is classified more as a privacy issue than a security one, as the information can be used to directly identify the victims. WebRTC is used in several popular web platforms, which have responded to the issue as follows:

  • Google Chrome — The development team has stated that they are going to follow the security guidelines in fixing the issue. They offer a special “Network Limiter” extension that can enable a more restrictive mode of operation.
  • Facebook — The information leakage is not deemed sensitive enough to warrant an official bounty. The contents of the leaked data are not considered dangerous enough. If the issue persists with more serious content, then the social network’s protective plans will come into effect.
  • Android — The Android security team conducted a severity assessment. They rated it as a threat of low importance that does not meet the severity bars for inclusion into an Android security bulletin.
  • DuckDuckGo — The security team is currently investigating the issue.
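
WebRTC exposes the addresses it gathers as ICE candidate lines (in a browser they arrive through `RTCPeerConnection` `icecandidate` events), so a browser or VPN setup can be audited by checking which addresses appear in them. The JavaScript below is an added example, not code from the article or the advisory; the function names and the sample candidate lines are constructed for illustration.

```javascript
// Added example (not from the article): flag IP addresses exposed in ICE candidates.
// Sample lines are constructed, using RFC 1918 and RFC 5737 documentation addresses.
const SAMPLE_CANDIDATES = [
  "candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host generation 0",
  "a=candidate:2 1 udp 1686052607 203.0.113.7 46154 typ srflx raddr 192.168.1.23 rport 54321",
  "candidate:3 1 udp 2122260223 3f2a9c1e-7b1d-4c55-9e0a-5d2f6b8a1c44.local 54322 typ host",
  "candidate:4 1 udp 1686052607 198.51.100.9 40000 typ srflx raddr 0.0.0.0 rport 0",
];

// Classify one candidate address from a privacy point of view.
function classifyAddress(addr) {
  if (addr.endsWith(".local")) return "mdns"; // obfuscated hostname, no IP exposed
  if (addr === "0.0.0.0" || addr === "::") return "redacted";
  const o = addr.split(".").map(Number);
  if (o.length === 4 && o.every((n) => Number.isInteger(n) && n >= 0 && n <= 255)) {
    if (o[0] === 10 || (o[0] === 192 && o[1] === 168)) return "private"; // RFC 1918
    if (o[0] === 172 && o[1] >= 16 && o[1] <= 31) return "private";      // RFC 1918
    if (o[0] === 169 && o[1] === 254) return "private";                  // link-local
    return o[0] === 127 ? "loopback" : "public";
  }
  const v6 = addr.toLowerCase();
  if (!v6.includes(":")) return "unknown";
  if (v6 === "::1") return "loopback";
  return /^(f[cd]|fe[89ab])/.test(v6) ? "private" : "public"; // ULA / link-local
}

// Parse "candidate:<foundation> <component> <transport> <priority> <addr> <port> typ <type> ...".
function parseCandidate(line) {
  const f = line.trim().replace(/^a=/, "").split(/\s+/);
  if (f.length < 8 || !f[0].startsWith("candidate:") || f[6] !== "typ") return null;
  const i = f.indexOf("raddr"); // server-reflexive candidates may carry the local address here
  return { type: f[7], address: f[4], related: i !== -1 && f[i + 1] ? f[i + 1] : null };
}

// Return every address a remote page could read, skipping mDNS and redacted values.
function auditCandidates(lines) {
  const findings = [];
  for (const c of lines.map(parseCandidate).filter(Boolean)) {
    for (const [field, addr] of [["address", c.address], ["raddr", c.related]]) {
      if (!addr) continue;
      const cls = classifyAddress(addr);
      if (cls === "private" || cls === "public") findings.push({ field, addr, cls, type: c.type });
    }
  }
  return findings;
}

console.log(auditCandidates(SAMPLE_CANDIDATES));
```

A `public` finding matters when it shows the real ISP address instead of the VPN exit address; a `private` finding is the internal address disclosure the advisory describes.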

Attackers can use the WebRTC vulnerability in VPN software and web browsers when planning their attacks. In most cases the intended goal is to deliver various malware to the target users. As a result, we recommend that all users employ quality security software.



Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.
