Influenza A virus subtype H5N1 grouping of hackers managed to interruption into Red Star OS — North Korea's authorities sanctioned Linux-based OS — using simply a link.
Red Star OS is North Korea's ain homegrown OS that looks remarkably simply similar Apple's OS X in addition to gives North Korean authorities to a greater extent than command over the computers, providing non alone safety but also spying tools that assistance rail files inwards a agency that if the authorities wants, every chip of user's information tin hold upward traced easily.
According to the information safety fellowship Hacker House, Red Star OS contains a critical vulnerability that makes it possible for hackers to gain remote access to whatsoever PC running North Korea's OS simply yesteryear tricking victims into opening a hyperlink.
The latest version of Red Star OS ships amongst a Firefox-based spider web browser called Naenara, in addition to according to researchers, the "trivial remote exploit fix on vectors" contained inwards the spider web browser allows attackers to hack into the system.
Here's how the exploit work:
The Hacker House hackers exploited a item Red Star application that handles Uniform Request Identifiers (URI) – a string of characters used to position resources inwards a network.
Hackers noted that the "mailto" URI asking used for electronic mail could hold upward exploited yesteryear hackers to remotely "execute arbitrary commands."
Since this item URI does non take requests from the application's command line, hackers could "trivially obtain code execution" simply yesteryear injecting malicious links into the command line.
"Whilst probing for vulnerabilities it was noticed that registered URL handlers were passed to a command trouble utility '/usr/bin/nnrurlshow.' This application (aside from having nada ptr de-refs in addition to other cute bugs) takes URI arguments for registered URI handlers when treatment application requests such equally 'mailto' in addition to 'cal,' the Hacker House hackers explains.
"Naenara doesn't sanitize the command trouble when treatment these URI declaration requests in addition to equally such you lot tin trivially obtain code execution yesteryear passing malformed links to the nnrurlshow binary."
In short, this safety flaw tin hold upward used easily to install malware or exploit PCs running the Red Star operating system.
Rival Republic of Korea has long blamed Democratic People's Republic of Korea for mounting diverse cyber attacks against its government, military, in addition to other organizations.
Just recently, the South Korean armed forces blamed Democratic People's Republic of Korea for breaching its armed forces cyber command. Influenza A virus subtype H5N1 spokesman for the armed forces cyber command told BBC that classified information was idea to stimulate got been stolen, although it's non clear just what information was accessed.
