TeLeScope: Bitdefender researchers have discovered that encrypted communications can be decrypted in real time using a virtually zero fingerprint technique and invisible to anyone except extremely careful security controllers.
The technique, called telescope or TeLeScope, has been developed for research purposes and demonstrates that a third party can listen to communications encrypted with the Transport Layer Security (TLS) protocol.
The attack makes it possible for a malicious Cloud provider, or for any three-letter government service, to recover the TLS keys used to encrypt each communication session between virtual servers and cliets or end users.
"There is no information on which communications have been compromised and for how long, because this approach leaves no trace," said Bogdan Botezatu, Senior Threat Analyst at Bitdefender.
"Banks and companies that deal with either intellectual property or the collection and storage of personal information, as well as government agencies, are the areas that could be greatly affected by this flaw."
The TeLeScope technique is only effective in virtual environments running on a hypervisor. Such infrastructures are becoming more and more popular, and are provided by major companies in the industry, such as Amazon, Google, Microsoft and DigitalOcean.
The technique instead exploits a flaw in the protocol layer transports Security, is based on the extraction of TLS keys at the hypervisor level by clever memory probing.
Bogdan Botezatu continues:
“Ανακαλύψαμε αυτή την επίθεση, ενώ αναζητούσαμε έναν τρόπο για την παρακολούθηση εξερχόμενης κακόβουλης δραστηριότητας στο honeypot δίκτυό μας χωρίς να παρέμβουμε στη λειτουργία του machineματος και χωρίς να σταματήσουμε τους επιτιθέμενους, προσπαθώντας να μην καταλάβουν ότι τους παρακολουθούσαν. Μετά την ανακάλυψη του ελαττώματος, αποφασίσαμε να το αποκαλύψουμε δημοσίως και λεπτομερώς, καθώς το κοινωνικό, το οικονομικό και το πολιτικό διακύβευμα μιας παθητικής παρακολούθησης της κυκλοφορίας σε εικονικά περιβάλλοντα είναι υπερβολικά μεγάλο.”
