SYRIA: The Weekly Scoop Volume 4, Issue 3 | Page 8

Syrian Electronic Army uses Heartbleed to steal millions of passwords

Today the Syrian Electronic Army exploited the newly discovered security loophole in OpenSSL to steal millions of passwords from pro-Revolution websites.

The Heartbleed security flaw was made public Monday and allows attackers to view up to 64KB of memory from any computer in the world; the memory of an Amazon server, for example, would be filled with thousands of encrypted passwords, which the Heartbleed flaw allows attackers to decrypt. Because the servers of a company like Amazon get thousands of requests every second, the memory refreshes on each request and contains different usernames and passwords on every single request. Attackers can log the server memory contents to a separate file, which allows them to save millions of passwords within a few seconds. To view more information on the Heartbleed loophole, go to http://heartbleed.com.

The Syrian Electronic Army exploited Heartbleed to steal passwords from pro-Revolutionary sources, namely The Washington Post and The New York Times. The pro-government organization was able to collect passwords for a total of an hour and forty-two minutes overnight, until the Times and Post IT teams were alerted to the attack and were able to fix the loophole.