Wednesday, November 25, 02:25
Home inet BREACH: the two Greek hackers who broke Facebook and Gmail

BREACH: the two Greek hackers who broke Facebook and Gmail

Two Greek researchers seem to be amazed at everyone in Black Hat Asia 2016. Dimitris Karakostas and Dionysis Zedros upgraded BREACH (Browser Reconnaissance and Exfiltration through Adaptive Compression of Hypertext) to permeate the most common Web encryption algorithms.karakostas zindros BREACH

The two PhD students who presented the BREACH attack were even released and a framework which will help hackers (with good intentions) and intelligence services spying on Facebook and Gmail.

dimitris karakostas dionysis zindros
Dimitris Karakostas (left) with Dionysis Zedrod. Picture: Darren Pauli The Register.

In Black Hat Asia, the pair once again proved that the Internet can not be the term security even in the most popular online services, investing a lot of money and labor hours to protect themselves.

The new version of BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) is even more powerful: hackers can target "noisy" end-points that do not use strong encryption algorithms, including AES 128 bit.

They say the new attack is also 500 times faster than the original attack.

The original BREACH attack was released to Black Hat at 2013 and was internationally recognized. The attack offended the common Deflate data compression algorithm used to save bandwidth on Internet communications.

Karakostas and Zedros (@dionyziz) from the National Technical University of Athens and the University of Athens described their project in the paper Practical New Developments on BREACH (PDF).

On the Black Hat Asia scene, they showed how the attack could be used to read Facebook victim's emails and Gmail emails using the “Rupture” framework, which they have developed and makes attack much simpler.

An attack, however, is not a toy and said it would take weeks to successfully break a target.

The “Rupture” framework is open source and is developed by Ph.D. students of the group.

Code

Whitepaper

LEAVE ANSWER

Please enter your comment!
Please enter your name here

SecNews
SecNewshttps://www.secnews.gr
In a world without fences and walls, who needs Gates and Windows

LIVE NEWS

Amazon - PlayStation 5: Complaints about non-delivery of orders!

Amazon has announced that it is currently investigating what happened to the PlayStation 5's delivery failure after reports of theft ....

How to mute Fleets on Twitter

Twitter "stories", called Fleets, allow you to post content that disappears after 24 hours. But if you want ...

Apple's security chief accused of bribery

A prosecutor in Santa Clara, California, issued an indictment on Monday, accusing Apple security chief Thomas Moyer of offering bribes ...

A mysterious metal monolith was discovered in the Utah desert

A strange metal monolith was found in the Utah desert by a helicopter crew passing through the area!

US election: A small group of accounts spreads fake news

The researchers found that a small group of social media accounts are responsible for spreading fake news about ...

Intel spreads FUD on Ryzen 4000 performance

On Friday, Intel made a presentation to various journalists and analysts telling them that there is a serious discrepancy between the performance of ...

Black Friday: What are Amazon's best deals?

Black Friday is almost here, and we've put together the best deals on Amazon devices. Amazon has an ever-expanding list of devices, ...

Data breach at Bristol City Council

A data breach that took place in the Bristol City Council, resulted in the leak of information such as names and email addresses ...

E-Land-South Korea: Fell ransomware attack

One of the largest retailers in South Korea, E-Land, was forced to close almost half of its stores after a ransomware ...

Investigator breaks down a Tesla Model X in just minutes

A Belgian security researcher has discovered a method that hijacks the firmware of key fobs of the Tesla Model X, allowing him to ...