Sunday, July 14, 2024
EHA

Confide App used by White House staffers Found Vulnerable for MITM attacks

Confide is an a encrypted texting application for Android and iOS, which used by staffers in White House for their secret communication.

Security Experts from IOActive found Multiple critical flaws while testing versions 4.0.4 for Android and 1.4.2 for Windows and OS X.

Technical Details

  • Notification system doesn’t require a valid SSL server certificate to communicate, which would leak information, if any MITM attack performed.
  • Unencrypted messages could be transmitted, and no indications for unencrypted message.
  • The application neglected to utilize validated encryption, permitting Confide to modify messages in-travel.
  • The application permitted an attacker to enumerate all Confide client accounts,including genuine names, email addresses, and telephone numbers.
  • Application vulnerable to bruteforce attacks, no password policies which allows users to set vulnerable passwords.
  • The application’s site was vulnerable against a arbitrary URL redirection, which
    could encourage social engineering attacks against its clients.

Effect

  • Imitate another users by hijacking their account session.
  • Imitate another users by speculating their password.
  • Turned into a middle person in a discussion and decrypt messages.
  • Alter the contents of a message or attachment in transit without first decrypting it.
  • Learn the contact details of all or specific Confide users.
  • Take in the contact details of all Confide clients.

As per  IOActive they were able to recuperate more than 7,000 records for clients enlisted between the dates of 2017-02-22 to 2017-02-24.

This information additionally demonstrated that in the vicinity of 800,000 and one million client records were possibly contained in the database.

Amid their 2-day test, the group could discover a Donald Trump relate and a few workers from the Department of Homeland Security (DHS) who downloaded the Confide application.

The confidentiality of the exchanged messages relies on upon the robustness of TLS. Confide can actually read every one of the messages that go through its servers.

End-to-end encryption, as it is executed, exclusively depends on the server through which the messages pass.

Confide is not just an encrypted messenger. It provides other interesting security features:

  • Screenshot prevention: Received messages can theoretically not be copied by a user. As the astute reader may have noticed, the previous paragraphs present screenshots of the application.
  • Message deletion: Once a user reads a message, it is deleted from the client and from the server. Is it possible to prevent message deletion?
  • Secrets protection: Confide handle secrets, like private keys required to decrypt messages. Are these keys correctly protected?

Timeline

  • February 2017: IOActive conducts testing on the Confide application.
  • February 25, 2017: Confide begins fixing issues uncovered by the detection of anomalous behavior during the testing window.
  • February 27, 2017: IOActive contacts Confide via several public email addresses to establish a line of communication.
  • February 28, 2017: IOActive discloses issues to Confide. Confide communicates that some mitigations are already in progress and plans are being made to address all issues.
  • March 2, 2017: Confide releases an updated Windows client (1.4.3), which includes fixes that address some of IOActive’s findings.

For more details, you can rush to ioactive and quarkslab

Also Read:

Website

Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles