Today a group of hackers found a new vulnerability in Red Star OS, North Korea's government-sanctioned operating system, that allows it to be hacked remotely with little effort.
The hermit kingdom's Linux-based OS has never exactly been known for its security, and significant vulnerabilities have been exposed on numerous occasions since it leaked to the rest of the world last year. The latest, disclosed by the information security company Hacker House "to mark Red Star's anniversary leak," lets an attacker gain remote access to a user's computer simply by getting them to click on a hyperlink.
The third and latest version of Red Star OS comes with a modified Firefox web browser called Naenara, as well as a number of other bizarre features such as a Wine wrapper that allows users to run Windows 3.1 applications. According to Hacker House, it was the "trivial remote exploit attack vectors" contained in Naenara that gave the researchers their way in.
Specifically, the Hacker House researchers targeted the application that handles uniform resource identifiers (URIs), the general scheme for naming resources on a network (web addresses are one type of URI, for example). In particular, Hacker House singled out the handling of 'mailto' URIs, the kind used for email links, as the weakness in Naenara: the handler passes the request to a command line without sanitizing it, so shell metacharacters embedded in the link are interpreted as commands rather than treated as part of an email address. That allowed the researchers to "trivially obtain code execution" simply by injecting commands into a link.
[Image] The exploit after being run by Hacker House on Red Star OS. The arbitrary command 'id' has been executed, and its output is visible in the highlighted 'To' line of the email client. Image: Hacker House
The end result on the user side is a normal-looking web link that points to 'mailto.cmd', that is, a mailto: address with a command embedded in it. When the mail client is launched to handle the link, the embedded command runs, letting the attacker execute arbitrary commands on the user's computer.
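As an added illustration of the bug class, and not Hacker House's code or the Naenara handler itself, the following Python model shows a URI handler that splices a mailto: link verbatim into a shell command line, beside a hardened version that validates the recipient and launches the client with an argument list and no shell. The "mail client" is a stand-in (the printf command, which just echoes the address it was handed), and the sample links are constructed for the example; the names open_mailto_unsafe, open_mailto_safe and parse_mailto are assumptions, not anything on the page.

```python
import re
import subprocess
from urllib.parse import unquote, urlsplit

# Stand-in for the mail client (constructed for this example): printf simply
# echoes back the "To" argument it receives, which is enough to show exactly
# what reached the client's command line.
MAIL_CLIENT = "printf '%s\\n'"

# Constructed sample links: one benign, two carrying shell metacharacters.
BENIGN = "mailto:alice@example.com"
INJECT_SEMICOLON = "mailto:alice@example.com; echo INJECTED"
INJECT_SUBST = "mailto:$(echo pwned)@example.com"  # mirrors the 'id' in the To line


def open_mailto_unsafe(uri: str) -> str:
    """Vulnerable handler: the URI is pasted straight into a shell command line.

    Everything the browser hands over is parsed by /bin/sh, so ';', '$(...)',
    backticks and friends inside the link become commands run as the user.
    Returns whatever the stand-in client printed.
    """
    cmd = f"{MAIL_CLIENT} {uri}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


# A deliberately strict recipient grammar: local part, '@', dotted host.
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")


def parse_mailto(uri: str) -> str:
    """Extract and validate the recipient from a mailto: URI.

    Raises ValueError for any other scheme or for a recipient that is not a
    plain address, which is what every injection payload looks like.
    """
    parts = urlsplit(uri)
    if parts.scheme != "mailto":
        raise ValueError(f"not a mailto URI: {uri!r}")
    address = unquote(parts.path)
    if not ADDRESS_RE.fullmatch(address):
        raise ValueError(f"rejected recipient: {address!r}")
    return address


def open_mailto_safe(uri: str) -> str:
    """Hardened handler: validate first, then exec the client with an argv list.

    With shell=False the address is a single argument to the client process;
    no shell ever sees it, so metacharacters cannot become commands.
    """
    address = parse_mailto(uri)
    out = subprocess.run(["printf", "%s\n", address], capture_output=True, text=True)
    return out.stdout


def safe_rejects(uri: str) -> bool:
    """True if the hardened handler refuses the link."""
    try:
        open_mailto_safe(uri)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for link in (BENIGN, INJECT_SEMICOLON, INJECT_SUBST):
        print("unsafe:", repr(open_mailto_unsafe(link)))
        print("safe:  ", "rejected" if safe_rejects(link) else repr(open_mailto_safe(link)))
```

Running it shows the two failure modes the article describes: the ';' payload makes the vulnerable handler run a second command after the client, and the '$(...)' payload runs a command whose output lands in the recipient field, exactly where the 'id' output appears in Hacker House's screenshot. The hardened handler never reaches the shell at all; validating against a strict grammar and passing an argv list are independent defenses, and a URI handler wants both.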
One can only wonder if at least part of the reason the North Korean government maintains its stranglehold on internet access is because it’s simply embarrassed by its information security protocols—or rather, the lack thereof.