Cloudflare “Cloudbleed” Leaks Passwords, Encryption Keys, Chatlogs and More

Distributed domain name server and content delivery service Cloudflare is currently dealing with the fallout of a recent security breach that leaked passwords, cookies, chat logs and encryption keys belonging to big-name providers such as OkCupid, Uber, Fitbit and GitHub, along with many others.

According to Cloudflare, the service was hit by a buffer overflow pointer error that led to a chain of events akin to “going to a restaurant and, upon ordering from the menu, receiving the last order’s bill and wallet contents”. Cloudflare was quick to state that customers’ private SSL keys were not exposed by the leak and identified the problem as lying in an HTTP parser chain shared by several of its features; it went so far as to turn off the Automatic HTTPS Rewrites, Email Obfuscation and Server-Side Excludes features for the time being. Cloudflare also worked with search engines such as Google, Microsoft’s Bing and Yahoo, among others, to find and purge any cached HTTP responses containing leaked data.
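The bug class described above (a parser whose end-of-buffer test is an equality check, so that a step which jumps past the end never trips the check and the parser keeps copying whatever memory follows the buffer) can be shown with a small simulation. The code below is an added example written for this page, not Cloudflare's parser: the arena layout, the page fragment, the neighbouring "session token" and the two-byte escape step are all constructed, and the `p != pe` versus `p + need <= pe` tests are a simplified stand-in for that kind of pointer error. It runs the same input through the broken and the correct bounds check and shows that only the broken one returns bytes from outside the page buffer.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/*
 * Simulated heap: the page being parsed sits at the start of one arena and
 * unrelated data (another request's session token, constructed for this
 * example) sits right behind it. Keeping both inside one array means the
 * over-read stays inside a real object, so the demonstration is defined
 * behaviour, but it models what happens when a parser runs off its buffer.
 */
#define ARENA_LEN 128
static unsigned char arena[ARENA_LEN];

/* Lay out the arena and return the length of the page buffer. The page ends
 * mid-attribute on a lone backslash, i.e. an escape sequence that is cut off
 * exactly at the buffer boundary. */
static size_t arena_init(void) {
    const char *page      = "<a href=\"http://x/?q=abcdefghij\\";
    const char *neighbour = "sess=SECRET-TOKEN-123\"";   /* constructed */
    size_t page_len = strlen(page);
    memset(arena, 0, sizeof arena);
    memcpy(arena, page, page_len);
    memcpy(arena + page_len, neighbour, strlen(neighbour));
    return page_len;
}

/* Can `need` bytes be read at p without passing pe?
 * strict == 1: the correct test, every byte read must lie before pe.
 * strict == 0: the broken test, which only notices p landing exactly on pe. */
static int in_bounds(const unsigned char *p, size_t need,
                     const unsigned char *pe, int strict) {
    if (strict) return p + need <= pe;
    return p != pe;
}

/* Copy an attribute value (p points just past the opening quote) into out,
 * stopping at the closing quote. A backslash escapes the next byte, so that
 * branch consumes two bytes at once; with the broken check it can step over
 * pe and keep copying whatever lies behind the buffer. Returns bytes written. */
static size_t parse_attr_value(const unsigned char *p, const unsigned char *pe,
                               char *out, size_t outcap, int strict) {
    size_t n = 0;
    while (in_bounds(p, 1, pe, strict) && *p != '"' && n + 2 < outcap) {
        if (*p == '\\') {
            if (!in_bounds(p, 2, pe, strict)) break;  /* truncated escape */
            out[n++] = (char)p[0];
            out[n++] = (char)p[1];
            p += 2;
        } else {
            out[n++] = (char)*p++;
        }
    }
    out[n] = '\0';
    return n;
}

/* Parse the href value with the chosen bounds check; returns 1 if the output
 * contains bytes that belong to the neighbouring region, 0 if it does not. */
static int leaks_neighbour(int strict, char *out, size_t outcap) {
    size_t page_len = arena_init();
    const unsigned char *pe = arena + page_len;
    const unsigned char *p = memchr(arena, '"', page_len);
    if (p == NULL) return -1;
    p++;                                   /* first byte of the value */
    parse_attr_value(p, pe, out, outcap, strict);
    return strstr(out, "SECRET") != NULL;
}

int main(void) {
    char out[64];
    leaks_neighbour(0, out, sizeof out);
    printf("broken check : \"%s\"\n", out);
    leaks_neighbour(1, out, sizeof out);
    printf("correct check: \"%s\"\n", out);
    return 0;
}
```

The point to take away is that the fix is not in the copying loop but in the bounds test: a check that can only fire when the pointer lands exactly on the end of the buffer is no check at all once any transition advances by more than one byte, which is why the correct version asks whether every byte it is about to read lies before `pe`.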

[Image: google_cloudbleed_fitbit] Poor victim: Fitbit data taken

On the bright side, after being alerted by Google security researcher Tavis Ormandy, Cloudflare fixed the bug internally within 44 minutes and still managed to notify its customers of the error, but the fact remains that Cloudbleed could have been affecting websites since as far back as September. Users of these websites should therefore keep an eye out for password-reset notices and for site-by-site news about exactly what was affected.

Overall, “Cloudbleed” reminds us that small bugs can have big repercussions. The last comparable scare was probably “Heartbleed”, although at present Cloudbleed seems to affect the average individual somewhat less personally. That said, if a consumer has reused passwords across any of these websites (or even unaffected ones), a more malicious phishing attack could follow. So, a quick reminder: using unique passwords, a password manager, or two-factor authentication will help you stay more secure in the event of a future attack on passwords.

If you are curious whether one of the websites you use was affected by Cloudbleed, please check:

http://www.doesitusecloudflare.com/

http://doma.io/2017/02/24/list-of-affected-cloudbleed-domains.html

