They warn that passwords, credit card numbers, emails and sensitive documents could all be stolen as a consequence.A fix has been issued. According To iTechHacks News Network, it will take some time for many of the website administrators to protect their systems. The researchers have released a tool that identifies websites that appear to be vulnerable. They said they had not released the code used to prove their theory because “there are still too many servers vulnerable to the attack“. As yet, there is no evidence hackers have worked out how to replicate their technique. An independent expert said he had no doubt the problem was real. “What is shocking about this is that they have found a way to use a very old fault that we have known about since 1998,” said Prof Alan Woodward, from the University of Surrey. Quick attack To mount a successful attack on a website would still require a considerable amount of computational force. “This form of the attack is fast enough to allow an online man-in-the-middle style of attack, where the attacker can impersonate a vulnerable server to the victim,” the researchers wrote. “We were able to execute this form of the attack in under a minute on a single PC.” The researchers said many popular sites – including ones belonging to Samsung, Yahoo and a leading Indian bank – appeared to be vulnerable.
Δ
