• News
    • Archive
  • Celebrities
  • Finance
  • Crypto
  • Entertainment
  • Travel
  • Health
  • Others

Hackers Using Holes In Virtual Network Computing To Steal Your Data

2.3KShares
56.4KViews

Hackers using holes in virtual network computing (VNC) is a real problem happening in this technological world.

Virtual network computing (VNC) is a sort of remote-control software that allows one computer to operate another via a network connection.

VNC shows the visual desktop display of another computer and allows you to control it via a network connection.

Most discussions of hacking and hackers nowadays paint them in a negative light, as criminals who break the law for various reasons, such as monetary gain, political protest, information gathering, or spying.

Researchers found 37 security holes in four different open source Virtual Network Computing (VNC) deployment options.

COPYRIGHT_WI: Published on https://washingtonindependent.com/ebv/hackers-using-holes-in-virtual-network-computing/ by Tom Mohamed on 2022-08-17T14:54:47.246Z

Many of these date back to the late 20th century, making their existence over 20 years in the making.

Kaspersky's ICS CERT emergency security research team discovered security flaws in four different VNC implementation solutions, including LibVNC, TightVNC 1.X, TurboVNC, and UltraVNC.

RealVNC is one of the most popular VNC clients, and it hasn't been tested in an unacceptable way.

Some popular platforms that work with these VNC systems are Windows, Linux, macOS, iOS, and Android, but that's not all.

Over 600,000 VNC Servers Are Likely To Be Compromised

Based on information from the Shodan search engine for Internet-connected devices, the ICS CERT team at Kaspersky Lab estimated that over 600,000 VNC servers can be accessed remotely through the Internet.

However, this number does not include VNC servers running on local area networks.

All of the VNC security holes that researchers found were caused by the wrong way to use memory, and exploit attacks caused service interruptions, bugs, and even data theft.

Malicious code is used and run on the device.

Although many of these problems have existed for quite some time, nobody has taken the time to identify them and repair them.

The Kaspersky team has found a number of holes in VNC, some of which are described in this article.

LibVNC

  • CVE-2019-15681
  • CVE-2018-20024
  • CVE-2018-20023
  • CVE-2018-20022
  • CVE-2018-20021
  • CVE-2018-20020 etc.

TightVNC 1.X

  • CVE-2019-15680
  • CVE-2019-15679
  • CVE-2019-15678 and many other.

UltraVNC

  • CVE-2019-8267
  • CVE-2019-8266
  • CVE-2019-8265
  • CVE-2019-8264
  • CVE-2019-8263
  • CVE-2019-8262
  • CVE-2019-8261
  • CVE-2019-8260
  • CVE-2019-8259
  • CVE-2019-8258
  • CVE-2018-15361 and many other UltraVNC's

Kaspersky gives the following advice to users of VNC to keep them from taking advantage of these flaws:

  • Check to see if the device can connect remotely and, if so, block the connection remotely.
  • Inventory all remote access software, not just VNC, and ensure that their versions are up to date.
  • If you have any reservations regarding the application's dependability, please discontinue use.
  • Upgrade to the current version if you wish to keep deploying them.
  • Use a strong password to secure your VNC server. This will make the attack much more difficult.
  • Connecting to untrusted or untested VNC servers is not recommended.

Understanding The Nature Of Hacking

A hacker who used gloves to gather information by encoding codes in a laptop safely
A hacker who used gloves to gather information by encoding codes in a laptop safely

As a typical definition of hacking says, it's when someone gains access to a computer or network without permission.

Though not all hacking is done with bad intentions, the term is typically used to refer to the illicit activities and data theft of cybercriminals.

Technology such as computers, smartphones, and networks can be hacked and used for malicious purposes.

These malicious purposes include sabotaging systems, spying on people, stealing sensitive information, or disrupting data-related activities.

Usually, there are four main causes for malicious actors to breach websites or systems.

They do this for a variety of reasons, including (but not limited to):

  • Gain money by stealing credit card information or otherwise scamming the financial system.
  • Acquire intellectual property in illegal way. This is known in the term "Corporate Espionage."
  • target commercial networks in order to obtain sensitive data using state-sponsored hacking campaigns.

On top of that, there are politically motivated hackers that try to draw public attention by disclosing essential tasks.

These hackers are known as hacktivists, and some examples of hacktivist organizations are Anonymous, LulzSec, and WikiLeaks.

Note that not all hackers are criminals.

In fact, some of them are hired by legal businesses to stop illegal plans.

The following is a list of the various sorts of hackers.

Criminal Hackers Or Black Hats

A black hat hacker is someone who breaks into computer systems to do something bad or illegal.

Most of the time, when you think of a hacker or cybercriminal, you probably think of a black-hat hacker.

Their goal is to make money off of data leaks.

Authorized Hackers Or White Hats

White-hat hackers are allowed to break into these systems so they can find security holes before criminal hackers do.

Their goal is to help businesses stay safe from cyberattacks.

"Just For Fun" Hackers Or Gray Hackers

A grey-hat hacker is an expert in cybersecurity who knows how to break into computer networks and systems, but not for bad reasons like a black-hat hacker.

Most of the time, they hack just for the fun of finding weaknesses in computer systems, and they might even tell the owner if they find any.

Authorized Software Hackers Or Blue Hats

Organizations use blue-hat hackers to evaluate new software or system networks before they are published.

Their job is to detect flaws or security flaws in new software and fix them before it is released to the public.

Can You Hack A Virtual Machine?

Virtualization software is no exception to the rule that all software has bugs.

Even though isolating potentially dangerous behavior in a virtual machine (VM) makes it much less likely that your main computer system will be hacked, it is still possible.

If your virtual machine (VM) is hacked, it is possible that the hacker might then exit your VM and run and modify applications freely on your host machine.

This would be the case if your VM was compromised.

Your attacker must have a way to break into your virtualization software to do this.

Although uncommon, these issues do occasionally arise.

As detailed above, you should also exercise caution with regard to the manner in which you use the VirtualBox clipboard sharing and file sharing functions.

If you copy something to the clipboard on your host system, such as a password, and the VM is configured to "Host to Guest" or "Bidirectional" for Shared Clipboard, then anyone who has hacked the VM can see what you copied.

Why Do Hackers Use Virtual Machines?

Ransomware attackers are able to carry out their activities in a manner that is more stealthy since they make use of virtual machines as part of the process.

This is because ransomware is more likely to be able to encrypt files on the host machine before the activity is discovered if it is run in a virtual environment.

Symantec discovered that VirtualBox is a valid kind of open-source virtual machine software that Symantec discovered during a recent examination into a failed ransomware campaign.

VirtualBox was used to run versions of Windows 7 to help the ransomware operations install malware.

Here's what Symantec had to say about it:

The motivation behind the tactic is stealth. In order to avoid raising suspicions or triggering antivirus software, the ransomware payload will "hide" within a VM while encrypting files on the host computer.

Even though a virtual machine is run independently from the machine it is hosted on, it may have access to the files and directories on the host machine through shared folders.

This is a vulnerability that cybercriminals can exploit to enable the payload that is hosted in the virtual machine to encrypt files on the actual computer.

Quora user Chris Tarnawski claims that hackers created virtual machines and are avid users of such technology.

"Hackers are the ones who invented virtual machines. They most definitely use them. Sometimes they use other people’s virtual machines too.

In fact, it’d be pretty hard to find someone, anyone on the internet, who didn’t use virtual machines.

They are everywhere. If you shop online, you very likely are using a virtual machine somewhere in the cloud. Not necessarily directly, but you’re relaying on their services."

Helder Martins commented:

"Virtual machine is basically another device plugged into your network, so if your network is not well protected (antivirus, firewall, etc) an attacker can get into any neighbor real PC, router, IoT device, etc through your VM."

Lastly, Kemoy Campbell, a Quora user who identified himself as a Bachelor of Science in Computer Science & Computer Security student at Rochester Institute of Technology, stated:

"It is possible [for hackers to access a host machine through a virtual machine] but not easily to do. Often exploits occured as a result of a simple mis-configuration or vulnerability.

It can take just one vulnerability to breach a system. VM machines are often running as a "guest" of the host and in sense of speaking. It is a sandbox. However, it is also subject to the same attacks as if it was a physical machine."

Campbell added:

Again, you want to have the mindset that anything can be hacked or exploit. You just have to take the necessary steps to harden your system on a regular basis and remember that security is not magic or a one and done solution. It is a process and you need to evolves with it.

Can Hackers Use Https?

Can HTTPS be hacked?

People Also Ask

How Do Hackers Penetrate Networks?

Hackers are able to monitor individual data packets as they go over a network thanks to software known as "packet sniffers."

They are afterwards able to make use of and duplicate this information.

Malware can be put on a system by an employee or downloaded by a customer who is using a website, USB drive, or piece of software that has been hacked.

What Methods Do Hackers Use?

Here is a list of common hacking methods that you and your staff should be aware of and do all in your power to prevent.

  • Viruses and Trojans.
  • Cookie Theft.
  • Fake W.A.P.
  • ClickJacking Attacks.
  • Denial of Service (DoS\DDoS) Attacks.
  • Key Logger.
  • Bait and Switch Attack.
  • Phishing.

Can VNC Be Hacked?

In four widely used open-source VNC remote desktop applications, 37 security holes have been found.

The most severe ones have been around for 20 years and have gone unreported, allowing remote attackers to compromise systems they target.

How Secure Is VNC?

VNC Connect is already safe to use.

All connections are encrypted from end to end, and by default, remote computers are protected by a password (for Home subscriptions) or by system login credentials (Professional and Enterprise subscriptions).

What Is The Most Secure VNC?

  • Chrome Remote Desktop
  • JollysFastVNC
  • RealVNC
  • TigerVNC
  • UltraVNC
  • TeamViewer
  • AnyDesk

Conclusion

The author hopes you found this article on "Hackers using holes in virtual network computing" useful and that you enjoyed reading it.

As far as hackers are concerned, people often break the rule that says, "Don’t access personal or financial data with public Wi-Fi."

This may sound simple, but you'd be amazed at how many individuals use public Wi-Fi to conduct financial transactions.

You should preferably do these actions over an encrypted connection.

Moreover, always use a strong password that is at least eight characters long and has a combination of upper and lower case letters, numbers, and special characters.

Share: Twitter | Facebook | Linkedin

About The Authors

Tom Mohamed

Tom Mohamed - I understand and respect the confidence my clients put in me as a Colorado native and seasoned real estate professional, and I strive to meet their standards every day. For over 11 years, I have been a top producer. Prior to joining the real estate industry, I served in the US Army Infantry, including several tours in Iraq and Kuwait. These experiences taught me the discipline needed to create Colorado's most powerful real estate team.

Recent Articles

No articles found.