follow us on twitter . like us on facebook . follow us on instagram . subscribe to our youtube channel . announcements on telegram channel . ask urgent question ONLY . Subscribe to our reddit . Altcoins Talks Shop Shop


This is an Ad. Advertised sites are not endorsement by our Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise Here

Author Topic: New Internet Explorer Exploit Could Threaten Your Cryptocurrency Stash  (Read 2553 times)

Offline Shahinaz

  • Hero Member
  • *
  • Activity: 852
  • points:
    14823
  • Karma: 27
  • Trade Count: (0)
  • Referrals: 3
  • Last Active: September 25, 2024, 01:47:22 PM
    • View Profile

  • Total Badges: 22
    Badges: (View All)
    Fifth year Anniversary Fourth year Anniversary 10 Posts
Just days ago, it emerged that a zero-day vulnerability that could affect devices running Windows 7, Windows 10 and Windows Server 2012 (R2) could be used to exfiltrate data from affected machines.

According to the report, the flaw was discovered by security researcher John Page, better known by his online alias hyp3rlinx. The attack — dubbed an “XML External Entity attack” or “XXE vulnerability” — could allow the extraction of potentially-sensitive data from an affected machine.

In the report, Page details the steps required to successfully exploit Internet Explorer in a process that requires the unwitting victim to manually open a specially-crafted malicious ‘.MHT’ file, which could then call to a particular Javascript function to extract private information and (possibly) files from an affected device.

As it stands, Internet Explorer is the only major browser that still supports Java. Moreover, since almost every Windows device released since 2009 ships with Internet Explorer installed, the potential for damage is high.

As of yet, Microsoft has not released a fix for the flaw, but a response dated April 10, 2019, suggested that it may be fixed in a future version of Windows.



Be Your Own Cryptocurrency Bank
With that said, there is a surprisingly large number of cryptocurrency owners that use old computer hardware for cold storage. Should this wallet be connected to the internet on a device with Internet Explorer as the default browser, then this wallet could potentially be extracted by an attacker under the right conditions.

As of yet, crypto-friendly alternative browser Brave has not yet taken this opportunity to muscle in on Microsoft’s already diminishing territory. That said, we imagine it won’t be long until competitors kick up a fuss about the exploit.

Uninstall Internet Explorer, Edge Users Beware
Since the news broke, Mitja Kolsek from the 0patch team found that the exploit could be further refined. This modified attack could also target Microsoft’s Edge browser while being harder to prevent and potentially much more damaging — with the potential to “extract many local files using a single MHT file.”

For now, it is recommended that users either disable Internet Explorer or completely uninstall the program until a patch is released. If you absolutely must use Internet Explorer, we recommend being extremely wary of MHTML (MHT) files, as opening one of these is a requirement for the attack.

source: https://beincrypto.com/new-internet-explorer-exploit-could-threaten-your-cryptocurrency-stash/

Altcoins Talks - Cryptocurrency Forum


This is an Ad. Advertised sites are not endorsement by our Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise Here


Offline gofunme

  • Baby Steps
  • *
  • Activity: 15
  • points:
    87
  • Karma: 0
  • Trade Count: (0)
  • Referrals: 0
  • Last Active: June 29, 2019, 09:09:56 PM
    • View Profile

  • Total Badges: 11
    Badges: (View All)
    10 Posts First Post Fifth year Anniversary
It is surprising that it is Internet Explorer. I only trust firefox now. Even the chrome can be harmful to your privacy.

Offline moonuranus

  • Sr. Member
  • *
  • Activity: 532
  • points:
    635
  • Karma: 9
  • Trade Count: (0)
  • Referrals: 0
  • Last Active: August 05, 2020, 07:25:31 AM
    • View Profile

  • Total Badges: 22
    Badges: (View All)
    10 Posts First Post Fifth year Anniversary
It doesn't bother that much, who uses internet explorer anyway? but hopefully those who still uses internet explorer as their default browser would be aware and read about this article.

Online Zed0X

  • Legendary
  • *
  • *
  • *
  • Activity: 4224
  • points:
    129861
  • Karma: 400
  • Coinomize.biz
  • Trade Count: (0)
  • Referrals: 34
  • Last Active: October 31, 2024, 10:58:50 PM
    • View Profile

  • Total Badges: 28
    Badges: (View All)
    Seventh year Anniversary Sixth year Anniversary Fifth year Anniversary
It doesn't bother that much, who uses internet explorer anyway? but hopefully those who still uses internet explorer as their default browser would be aware and read about this article.
Exactly. I don't know if there are crypto enthusiasts who even use IE nowadays. It's probably been a decade since I last use it. Anyway, this news would still be helpful to the few who still browse thru IE.

Offline damsix

  • Legendary
  • *
  • *
  • Activity: 2466
  • points:
    40903
  • Karma: 6
  • Trade Count: (0)
  • Referrals: 0
  • Last Active: April 16, 2024, 05:31:57 PM
    • View Profile

  • Total Badges: 22
    Badges: (View All)
    Fifth year Anniversary Fourth year Anniversary 10 Posts
That is important if we have to look at the details of the Pishing website.
Because in addition to the operating system, the Website is also very sought after for weaknesses.
retire and rest in peace

 

ETH & ERC20 Tokens Donations: 0x2143F7146F0AadC0F9d85ea98F23273Da0e002Ab
BNB & BEP20 Tokens Donations: 0xcbDAB774B5659cB905d4db5487F9e2057b96147F
BTC Donations: bc1qjf99wr3dz9jn9fr43q28x0r50zeyxewcq8swng
BTC Tips for Moderators: 1Pz1S3d4Aiq7QE4m3MmuoUPEvKaAYbZRoG
Powered by SMFPacks Social Login Mod