Most of us will have seen the reports about Heartbleed on the news or online, but what is it?
Most descriptions are long and wordy, so here is a quick bullet list to help…
- Heartbleed is a bug in OpenSSL, the software many websites use for encrypted (https) connections. It is not malware: ‘the bad guys’ simply send the server a specially crafted message and it replies with a chunk of its own memory (up to 64 KB per request)
(or put simply, anyone on the internet can ask a vulnerable server to hand over whatever happens to be in its memory, which can include other people’s login details)
- It was publicly disclosed on 7 April 2014 (CVE-2014-0160)
- Attackers use it to capture sensitive information such as your website account details and passwords, session cookies and even the server’s private encryption key
- It is exploited against the web server itself rather than your PC
- Web servers impacted will be running OpenSSL version 1.0.1 to 1.0.1f; version 1.0.1g and the older 1.0.0 and 0.9.8 branches are not affected
- Over 60% of websites use OpenSSL, though not all of them were running a vulnerable version
- It affects any server that uses OpenSSL for encryption, not just web servers running Apache or NGINX (mail servers and VPNs can be vulnerable too)
- The bug was introduced in March 2012, so it sat undetected for over two years
- Web servers that used an impacted OpenSSL version were exposed; there is no way to tell whether a given server was actually attacked
- It leaves no trace of the attack in the server’s logs
Probably the most damning fact in there is that the bug has been exploitable for two years, so anyone who knew about it before the disclosure could already have gathered a stack of data.
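For anyone who wants to see the actual bug rather than the headlines, here is a toy version of the heartbeat handler, written for this post (it is not OpenSSL’s own code). The record layout follows the TLS heartbeat RFC; the “secret” and the block of simulated server memory are constructed sample data. The vulnerable handler trusts the length field in the request, the fixed one mirrors the bounds check OpenSSL 1.0.1g added.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Heartbeat record (RFC 6520): type(1) | payload_length(2, big-endian) | payload | padding(>=16) */
#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_HEADER   3
#define HB_PADDING  16

/* Simulated server memory: the request lands at the start and a constructed
 * "secret" belonging to another connection sits right after it. Every copy
 * below stays inside this arena, so the demo is well-defined C. */
#define ARENA_SIZE 512
static unsigned char arena[ARENA_SIZE];
static const char SECRET[] = "user=alice&password=hunter2"; /* constructed sample data */

/* Write a request whose header claims claimed_len bytes but really carries
 * actual_len. Returns the number of bytes that arrive on the wire. */
static size_t build_request(unsigned char *buf, uint16_t claimed_len,
                            const char *payload, size_t actual_len)
{
    buf[0] = HB_REQUEST;
    buf[1] = (unsigned char)(claimed_len >> 8);
    buf[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(buf + HB_HEADER, payload, actual_len);
    memset(buf + HB_HEADER + actual_len, 0, HB_PADDING);
    return HB_HEADER + actual_len + HB_PADDING;
}

static uint16_t read_len(const unsigned char *rec)
{
    return (uint16_t)(((unsigned)rec[1] << 8) | rec[2]);
}

/* Vulnerable handler (1.0.1 to 1.0.1f behaviour): copies as many bytes as the
 * attacker claimed, never checking how many actually arrived. */
static size_t heartbeat_vulnerable(const unsigned char *rec, size_t rec_len,
                                   unsigned char *out)
{
    (void)rec_len;                                     /* ignored: that is the bug */
    uint16_t claimed = read_len(rec);
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, claimed); /* reads past the real payload */
    memset(out + HB_HEADER + claimed, 0, HB_PADDING);
    return HB_HEADER + claimed + HB_PADDING;
}

/* Fixed handler (1.0.1g): silently drop any record whose claimed payload does
 * not fit inside the bytes received. Returns 0 when no response is sent. */
static size_t heartbeat_fixed(const unsigned char *rec, size_t rec_len,
                              unsigned char *out)
{
    if (rec_len < HB_HEADER + HB_PADDING)
        return 0;
    uint16_t claimed = read_len(rec);
    if ((size_t)HB_HEADER + claimed + HB_PADDING > rec_len)
        return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, claimed);
    memset(out + HB_HEADER + claimed, 0, HB_PADDING);
    return HB_HEADER + claimed + HB_PADDING;
}

static int contains(const unsigned char *hay, size_t hay_len,
                    const char *needle, size_t needle_len)
{
    for (size_t i = 0; i + needle_len <= hay_len; i++)
        if (memcmp(hay + i, needle, needle_len) == 0)
            return 1;
    return 0;
}

/* Lay out the attack: a 2-byte payload "hi" that claims 200 bytes, then the secret. */
static size_t stage_attack(void)
{
    memset(arena, 0, ARENA_SIZE);
    size_t wire_len = build_request(arena, 200, "hi", 2);
    memcpy(arena + wire_len, SECRET, sizeof SECRET);
    return wire_len;
}

static unsigned char resp[ARENA_SIZE];

/* 1 if the vulnerable handler's reply contains the neighbouring secret. */
int vulnerable_leaks_secret(void)
{
    size_t n = heartbeat_vulnerable(arena, stage_attack(), resp);
    return contains(resp, n, SECRET, sizeof SECRET - 1);
}

size_t vulnerable_response_len(void) { return heartbeat_vulnerable(arena, stage_attack(), resp); }
size_t fixed_response_to_attack(void) { return heartbeat_fixed(arena, stage_attack(), resp); }

/* An honest request (claimed == actual) still gets a normal reply from the fixed handler. */
size_t fixed_response_to_honest(void)
{
    memset(arena, 0, ARENA_SIZE);
    return heartbeat_fixed(arena, build_request(arena, 2, "hi", 2), resp);
}

int main(void)
{
    printf("vulnerable handler leaks secret: %s (%zu-byte reply to a 21-byte request)\n",
           vulnerable_leaks_secret() ? "yes" : "no", vulnerable_response_len());
    printf("fixed handler reply to attack: %zu bytes, to honest request: %zu bytes\n",
           fixed_response_to_attack(), fixed_response_to_honest());
    return 0;
}
```

The whole vulnerability is the one missing comparison: the request is 21 bytes long, the attacker says the payload is 200 bytes, and the vulnerable handler happily sends back 200 bytes of whatever sat next to it in memory. A real attacker asks for the maximum 64 KB and repeats the request until something useful falls out.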
So what does this mean to you…
- If you have logged in to a server that was vulnerable to Heartbleed, your login and password may have been stolen by ‘the bad guys’.
- You should change your password on any site that used a vulnerable OpenSSL, but only after that site has confirmed it has closed the hole by updating its server (otherwise the new password can be captured just the same). Ideally the site should also have replaced its encryption certificate, since the old private key may have leaked.
- There is an excellent list of popular web services, whether they were affected and whether they have fixed the hole, available at http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
What is OpenSSL?
OpenSSL is an open-source software library that websites use to encrypt the data you exchange with them (the ‘https’ and padlock in your browser). Its aim is to ensure that only your computer and the receiving site can read the data entered. You rely on it, usually without seeing the name, whenever you shop or log in online.
Hope this helps clarify things