Wednesday, December 31, 2008

kaminsky's DNS bug + Rogue CA Certificates = Trust No One


If there has been any missing part in most of the previous clever and sophisticated phishing attacks, it would be a valid SSL certificate signed by a valid CA.

Recently, a smart group of cryptography researchers have successfully exploited a bug in the MD5 hashing algorithm that allows them to hack VeriSign's RapidSSL.com certificate authority and create fake digital certificates for any Web site on the Internet.

I won't talk about their findings here; you can check it out here: http://www.win.tue.nl/hashclash/rogue-ca/

Today I'll draw the attention to a couple of possible attack scenarios that Phishers and malware authors can use by combining techniques that would be very difficult to stop unless a number of defenses is being used against.
The techniques of this attack are:

1) DNS Cache Poisoning Attack (For directing victims to fake sites like banks)

2) SQL injection Attack (For injecting IFrame redirectors into high traffic website, to redirect visitor to the fake website)

3) Double Flex Network (botnet) that would host malicious name servers (malicious/phishing websites resolution) and webservers (host the malicious/phished site)

4) Rouge CA SSL Certificates (For fooling victims who are visiting a website that is secured by using a valid SSL certificate, and the browser is showing a padlock indicating that it's a safe and legitimate website)

So, hackers have multiple targets to meet to launch a perfect attack. Well, the first three techniques are being used nowadays, but were lacking a very important member in the crew, Trust.
Before, nobody was able to break the trust rule and build a complete, flawless phishing attack. Now they can generate any valid certificate and make their phishing bank websites appear legitimate and secure. End user who is dealing with secure online transactions will be comfortable when he sees the padlock and there are no warning signs about website identity.
Countermeasures for (Website Admins):
1) Replace MD5-based SSL certificates, with SHA-1 certificates because they are more secure.
2) Use Extended Validation certificates (EV).
Countermeasures for (CA):
1) Stop issuing MD5-based SSL certificates, and replace them with SHA-1 certificates
2) Encourage customers to replace their MD5-certificates with SHA-1 certificates
3) Encourage customers to upgrade their certificates to Extended Validation (EV) for more security. See http://www.verisign.com/ssl/ssl-information-center/extended-validation-ssl-certificates/
4) Monitor "Certificate Signing Requests" by the same user in quick succession
5) Add randomness to the certificate fields, like the serial number field.
Countermeasures for (Users):
The basics:

1) Padlock appearance is not enough, you should move on with other ways to make sure your visiting the legitimate and secure website.

2) Upgrade your browser to the latest version (IE 8 / FF 3 / Opera 10) to use their built-in anti-phishing capabilities.

3) Install good endpoint security software to stop malwares, and make sure it's updating definitions daily. The latest versions includes online security features like (Norton Internet Security 2009 and Kaspersky Internet Security 2009)

4) Install Windows patches and service packs to stop malwares and online attacks from exploiting any vulnerability in your system.

5) Install and updates all ActiveX components in your browser by upgrading the original software (ex. PDF reader ActiveX, you should upgrade Adobe Reader. Real player embedded ActiveX; you should upgrade RealPlayer…and so on). You can use Secunia Personal Software Inspector (PSI) to scan your system for insecure softwares and utilities.

The Advanced:

If you want to do any online transactions, use Authentium’s SafeCentral to create a secure session between a locked-down browser and your online bank. It has capabilities to defend against the following attacks: Keyloggers, Spywares, DNS poisoning, Malwares, Sniffing, Man-in-the-middle
Visit their website: http://www.safecentral.com/