Deadly 'Heartbleed' Virus Arrives in Indian Cyberspace - The New Indian Express

Deadly 'Heartbleed' Virus Arrives in Indian Cyberspace

Published: 11th April 2014 03:00 PM

Last Updated: 11th April 2014 03:03 PM

Indian cyber security sleuths have alerted Internet users against a "highly severe" virus named 'heartbleed', which has sent alarm bells ringing across the globe for fear of exposing millions of passwords, credit card numbers and other sensitive information to hackers.

The virus prowling in the domestic arena, authorities said, attacks the openSSL of an online system which is the most essential protocol which encrypts information and data transfer over the Internet.

The Computer Emergency Response Team of India (CERT-In), the nodal agency to combat hacking, phishing and to fortify security-related defences of the country's Internet domain, fears it could compromise personal data and passwords of a user.

"Vulnerability (heartbleed) has been reported in OpenSSL, which could be exploited by a remote attacker to disclose potentially sensitive information. The vulnerability is due to improper bounds checking while handling TLS/DTLS heartbeat extension packets.

"A remote attacker could exploit this vulnerability by submitting crafted TLS or DTLS heartbeat packets to an affected device to retrieve sensitive information, such as private keys, user name and passwords or contents of encrypted traffic from process memory. By leveraging this information, an attacker may be able to decrypt, spoof, or perform man-in-the-middle attacks," the CERT-In said in its latest advisory to Internet users in the country.

Categorising the severity of the virus as "high", the agency said all unguarded or vulnerable online systems are prone to the virus' attack.

The virus, with derives its name from a 'bleeding red heart' motif, has made a number of countries sit up and take notice of its destructive and threatening activities over the last few days.

Two days back, Canada's tax agency had said that it has temporarily cut off public access to its electronic filling services just three weeks before the tax deadline because of security concerns over the "Heartbleed bug."

"It has been confirmed that the virus is active in the Indian cyberspace too. Some of its suspect messages also resemble a 'red-coloured X' motif similar to the red bleeding heart," a cyber security expert told PTI.

comments powered by Disqus

Disclaimer: We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the NIE editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

Read More

follow us Mobile Site iPad News Hunt Android RSS Tumblr Linekin Pinterest Youtube Google Plus Twitter Facebook