A significant security loophole has been exploited in major browsers, including Apple Inc.’s (AAPL) Safari, Alphabet Inc.’s (GOOG, GOOGL) Google Chrome, and Mozilla’s Firefox. This vulnerability, present for nearly two decades, has allowed hackers to infiltrate private networks, even those protected by firewalls.
What Happened: The issue stems from the way these browsers handle requests sent to the IP address 0.0.0.0. Such requests are routed to other local addresses, including “localhost,” the machine’s own address that developers typically use to run and test code in a private setting, Forbes reported.
Israeli cybersecurity startup Oligo discovered that hackers have been exploiting this vulnerability to gain access to private data. The attack, known as a “0.0.0.0-day” attack, involves luring the target into visiting a seemingly innocuous website that, in the background, sends a malicious request to 0.0.0.0 in order to access files on the victim’s machine.
“Developer code and internal messaging are good examples of some of the info that can be accessed right away,” stated Avi Lumelsky, an AI security researcher at Oligo.
“But more importantly, exploiting 0.0.0.0-day can let the attacker access the internal private network of the victim, opening a wide range of attack vectors,” added Lumelsky.
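The browser-side fixes discussed in this article are not the only line of defense. A local development service can itself refuse requests that arrive under an unexpected Host header (such as 0.0.0.0) or from a cross-site web origin, which is the pattern the attack depends on. The following is an added illustration written for this page, not code from Oligo, Forbes or any browser vendor; the allow-lists, port number and the choice of Python’s built-in `http.server` are assumptions made for the example.

```python
"""Hardening a local HTTP service against requests that reach it via
0.0.0.0 or from a cross-site web page.  Added example (not from the
article); ALLOWED_HOSTS, ALLOWED_ORIGINS and port 8000 are assumptions."""
from __future__ import annotations

import http.server
import ipaddress
from urllib.parse import urlsplit

# Names a browser should legitimately use to reach this service.
ALLOWED_HOSTS = {"localhost", "localhost."}
# Non-loopback web origins that may call this service (none by default).
ALLOWED_ORIGINS: set[str] = set()


def _hostname(hostport: str | None) -> str | None:
    """Strip an optional :port and IPv6 brackets from a Host/Origin value."""
    if not hostport:
        return None
    # urlsplit handles "[::1]:8000", "0.0.0.0:8000" and bare names alike.
    return urlsplit(f"//{hostport}").hostname


def host_is_loopback(hostport: str | None) -> bool:
    """True only for localhost names or loopback IPs (127.0.0.0/8, ::1).
    0.0.0.0 is 'unspecified', not loopback, so it is rejected here."""
    name = _hostname(hostport)
    if name is None:
        return False
    if name in ALLOWED_HOSTS:
        return True
    try:
        return ipaddress.ip_address(name).is_loopback
    except ValueError:
        return False  # arbitrary DNS name, e.g. a rebinding domain


def is_allowed_request(headers: dict) -> tuple[bool, str]:
    """Decide whether a request should be served. Header lookup is
    case-insensitive. Returns (allowed, reason)."""
    h = {k.lower(): v for k, v in headers.items()}

    # 1. The Host the browser thinks it is talking to must be loopback.
    if "host" not in h:
        return False, "missing Host header"
    if not host_is_loopback(h["host"]):
        return False, f"unexpected Host {h['host']!r}"

    # 2. Browsers send Sec-Fetch-Site; a remote page yields "cross-site".
    if h.get("sec-fetch-site") == "cross-site":
        return False, "cross-site fetch"

    # 3. If an Origin is present, it must be loopback or explicitly allowed.
    origin = h.get("origin")
    if origin is not None and origin not in ALLOWED_ORIGINS:
        if not host_is_loopback(urlsplit(origin).netloc):
            return False, f"disallowed Origin {origin!r}"

    return True, "ok"


class GuardedHandler(http.server.SimpleHTTPRequestHandler):
    """SimpleHTTPRequestHandler (serves the working directory) gated by
    is_allowed_request, so a page loaded from the web cannot read it."""

    def do_GET(self) -> None:
        allowed, why = is_allowed_request(dict(self.headers))
        if not allowed:
            self.send_error(403, f"blocked: {why}")
            return
        super().do_GET()


if __name__ == "__main__":
    # Bind to the loopback interface only; binding to 0.0.0.0 would also
    # expose the service to every network interface on the machine.
    http.server.ThreadingHTTPServer(("127.0.0.1", 8000), GuardedHandler).serve_forever()
```

Because the check lives in the server, it does not depend on a browser update: a request to `http://0.0.0.0:8000/` carries `Host: 0.0.0.0:8000` and is refused with 403, while a developer’s own tab at `http://localhost:8000/` is served normally.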
Apple has confirmed to Forbes that it plans to block all attempts by websites to access 0.0.0.0 in the macOS 15 Sequoia beta. Google’s Chromium and Chrome security teams are also considering a similar move, according to online posts cited in the report.
On the other hand, Mozilla has not yet introduced a solution in Firefox, citing concerns that blocking 0.0.0.0 could disrupt servers that use the address as a substitute for localhost.
Apple, Google, and Mozilla did not immediately respond to Benzinga’s request for comments.
Notably, Microsoft Corp.’s (MSFT) Windows systems are immune to this attack, as the tech giant has blocked 0.0.0.0 on its operating system.
The researchers are scheduled to present their findings at the DEF CON conference in Las Vegas this weekend.
Why It Matters: The IP address 0.0.0.0 is a non-routable IPv4 address with several uses, primarily as a default or placeholder address.
The Internet Engineering Task Force defines the IP address 0.0.0.0 as a reserved, special-purpose address for “this host, this network,” according to TechTarget.
Although it is syntactically a valid address, a client device cannot use 0.0.0.0 as a source IP address to communicate on a network. That is what makes its abuse by hackers a significant concern: it lets them breach private networks undetected.
Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.