Freak Attack Vulnerability CVE-2015-0204

Mar 4th 2015

We have had a number of enquiries today about the Freak Attack vulnerability.

First off, if you are a customer using our service, your data is not vulnerable to this attack, as we disabled support for these lower-grade encryption protocols in October 2014. Our service will not accept RSA_EXPORT cipher suites.

Why is it called Freak Attack?
It's short for: Factoring Related Attack on RSA Keys

What is it?
FREAK is a vulnerability that takes advantage of a weakness that exists on approximately 12% of all servers out on the Internet as of today, so it is well into the millions, and some of the sites are still vulnerable to it. I just checked and it's vulnerable as of 21:00 Eastern today; there are many other very popular websites affected too. It takes advantage of 512-bit encryption, which is pretty weak these days.

How does it actually work?
To take advantage of this vulnerability, an attacker first has to intercept (man-in-the-middle attack) traffic between a browser that is affected and a website that will negotiate its SSL connection down to weaker encryption. Once this is done, the data that you thought was secure can now be decrypted; in other words, a hacker can now see your passwords, credit card info and other data which you assumed to be safe.

How can I check if my website is vulnerable?
There's a site set up to check if your site is vulnerable.
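If you would rather test a server you operate yourself, the script below is an added example and not part of DOSarrest's post or tooling: it sends a TLS ClientHello that offers only the RSA_EXPORT cipher suites and reports whether the server selects one of them (the behaviour the post says the service refuses), or rejects them with an alert. The function names, and the hostname, port and timeout parameters, are my own assumptions.

```python
import socket
import struct

# RSA_EXPORT suites (RFC 2246) that a FREAK-style downgrade relies on the server accepting.
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def build_export_only_client_hello(hostname):
    """Hand-built TLS 1.0 ClientHello that offers ONLY the RSA_EXPORT suites above."""
    suites = b"".join(struct.pack("!H", s) for s in RSA_EXPORT_SUITES)
    name = hostname.encode()
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name   # server_name_list
    ext = struct.pack("!HH", 0, len(sni)) + sni                      # extension type 0 = SNI
    body = (b"\x03\x01" + b"\x00" * 32 + b"\x00"        # version, random, empty session id
            + struct.pack("!H", len(suites)) + suites    # cipher_suites (export only)
            + b"\x01\x00"                                # one compression method: null
            + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + struct.pack("!I", len(body))[1:] + body           # handshake type 1
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs         # handshake record

def classify_response(data):
    """Return (vulnerable, detail) from the first TLS record the server sent back."""
    if len(data) < 5:
        return False, "no TLS record returned (connection closed or not TLS)"
    content_type, rec_len = data[0], struct.unpack("!H", data[3:5])[0]
    rec = data[5:5 + rec_len]
    if content_type == 0x15 and len(rec) >= 2:                  # alert, e.g. handshake_failure
        return False, "server rejected export suites with alert %d" % rec[1]
    if content_type == 0x16 and len(rec) >= 41 and rec[0] == 0x02:   # ServerHello
        sid_len = rec[38]                                       # after 4-byte hdr, version, random
        if len(rec) < 41 + sid_len:
            return False, "truncated ServerHello"
        suite = struct.unpack("!H", rec[39 + sid_len:41 + sid_len])[0]
        if suite in RSA_EXPORT_SUITES:
            return True, "server negotiated %s" % RSA_EXPORT_SUITES[suite]
        return False, "server chose non-export suite 0x%04x" % suite
    return False, "unexpected record type 0x%02x" % content_type

def check_host(hostname, port=443, timeout=5):
    """Connect to a server you operate and report whether it accepts an export-only hello."""
    with socket.create_connection((hostname, port), timeout=timeout) as sock:
        sock.sendall(build_export_only_client_hello(hostname))
        return classify_response(sock.recv(4096))

if __name__ == "__main__":
    import sys
    print(check_host(sys.argv[1]))
```

A server that is not vulnerable answers the export-only hello with a handshake_failure alert (code 40); one that replies with a ServerHello selecting an export suite still honours RSA_EXPORT and should have those suites disabled.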

Mark Teolis
CEO for DOSarrest Internet Security.