Researchers from Google Discovered How to Hack a Corporate Network just by Sending an Email

What if, with a single email, an attacker could monitor all traffic on a supposedly protected network?

Researchers from Google’s Project Zero found, and silently reported, a bug in FireEye security software that allowed attackers to do just that. No, it’s a not a phishing scam. No one had to actually open the email. Just sending it was enough.

Also Read : The Anatomy Of A Data Breach

FireEye offers devices that scan all traffic flowing through a company’s network. If malware is detected in any transfer, the device intercepts the file and removes the malware.

Project Zero demonstrated they could use this constant screening process against the software, turning it from a security feature into a bug that monitors all Internet traffic inside the company. Google employee Tavis Ormandy outlined the process in a blog post.

“For networks with deployed FireEye devices, a vulnerability that can be exploited via the passive monitoring interface would be a nightmare scenario,” wrote Ormandy, adding that such an exploit could let hackers passively monitor all traffic on a company’s network. He then outlined an exploit that does exactly that.

Also Read : What Is DDoS Attacks And How Does It Works ?

Read the entire post if you’re technically inclined — everything is laid out in detail. But don’t worry, FireEye has been notified of the problem, and given a chance to fix it before Google published the exploit for the entire world to read.

Google’s Project Zero team is charged with discovering, documenting, and silently reporting zero day exploits before malicious hackers do. The team researches not only potential security issues in Google services, but any software used by large groups of people.

When the team discovers a flaw in another company’s software, they report it silently so that patches can be developed and released. It’s only after everything is fixed that they make their discoveries public — or 90 days, whichever comes first. The team caused controversy in 2014, when Microsoft did not fix an exploit in Windows 8 within the 90-day Window.

Also Read : What Is SQL Injection Attack And How Does It Works ?

Avinash A
Avinash A
Meet Avinash, a tech editor with a Master's in Computer Science and a passion for futuristic tech, AI, and Machine Learning. Known for making complex tech easy to understand, he's a respected voice in leading tech publications and podcasts. When he's not deciphering the latest AI trends, Avinash indulges in building robots and dreaming up the next big tech breakthrough.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from this stream