A computer science associate professor at the University of Michigan, and a doctoral student using an Android phone revealed just how it is possible for one to misuse the otherwise useful Firewall technology to hack into Facebook and Twitter accounts. Reports coming in bring to light a study by Z. Morley Mao, a computer science associate professor at the University of Michigan, and a doctoral student, Zhiyun Qian. They explained how it was possible for someone to hijack a TCP (transmission control protocol) Internet connection by misusing publicly available information on smartphones. The researchers, reportedly presented their findings at the IEEE Symposium on Security and Privacy in San Francisco, US. The report further went on to add that these hackers also took advantage of gullible users with willingness to download suspicious apps and network firewall middleboxes that block the data bundles, which are not included in the flow of information traffic.
In their research, wherein they tested some 150 networks, the researchers found that 32 percent of those networks contained these middleboxes. Qian was further quoted as saying, "Firewall middleboxes are supposed to protect against this kind of attack, but it turns out they do the opposite. Most vendors and carriers that deploy such firewall middleboxes still believe they are safe and we want them to be aware of this design flaw." How this works is that middleboxes essentially monitor the "sequence numbers" of data packets that are on their way to mobile devices. When a user shares an image with a friend, it further gets chopped into several packets, before it is sent across the network.
Explaining the mode further, the report states that the user's friend's smartphone will refer to the sequence numbers to decipher the picture. "Middleboxes could help hackers use the process of elimination to home in on a number in the right range," it added. Qian was quoted as saying, "An attacker can try to guess at sequence numbers. It's usually hard to get feedback on whether a guessed number is correct, but the firewall middlebox makes this possible. The attacker can try a range of sequence numbers. The firewall will only allow one through if it is in the valid range."
Interestingly, the report further adds that for the spyware to work neither privileged information was required, nor special administrator or root access. "It would just read a couple of the phone's publicly available incoming packet counters and let the attacker know when the counters -advanced. Armed with a valid sequence number, the hacker could spoof Facebook or Twitter's HTTP (as opposed to the more secure HTTPS) web login page and gain the user's passwords."
Published Date: May 23, 2012 11:23 am | Updated Date: May 23, 2012 11:23 am