A new type of vulnerability has been identified by the security researchers of Cambridge University, Nicholas Boucher and Ross Anderson, and this vulnerability enables threat actors to insert visually deceptive malware into the source code in such a way that is semantically correct.
Not only this, but at the same time, this vulnerability also modifies the logic defined by the source code, making the code exposed to a wide variety of cyber threats, which also include threats that are related to supply chains.
The whole Trojan Source attack has been demonstrated, and it’s been detected that this attack can negotiate the first-party software and supply chains.
While one of the experts noted that the threat actors are using a trick to use Unicode control characters so that they can easily reorder tokens in source code at the level of encoding.
Apart from all this, several manipulative ways are being used by the threat actors for encoding the source code files so that human viewers and compilers see different reasoning.
The double attack method is tracked as s CVE-2021-42574, and in this method, the hackers achieved their goal by using Unicode controls for bidirectional text as they want to prescribe the direction in which the content is being shown.
But, here, the bidirectional (Bidi) controls like LRI and RLI are invisible characters, and these two characters are not the only ones.
Moreover, the hackers have used another method that is a homoglyph attack, and it has been tracked as CVE-2021-42694. In this method, the threat has two different characters that have a related visual representation.
The security experts have mentioned some of the techniques that generally allows exploiting of the source code; thus we have mentioned them below:-
On July 25, acquainted several maintainers of products that were being observed to be influenced by the Trojan Source attack method and set a 99-day embargoed disclosure time.
At the end of the review, they also underwent an average of $2,246 in bug bounties from five of the beneficiaries; however, 11 of them had a bug bounty application.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates.
Password spraying is a technique hackers often take advantage of because it enables them to…
GitLab has announced the release of updated versions for both its Community Edition (CE) and…
Splunk Inc. has disclosed two significant vulnerabilities within its software suite, posing a considerable risk…
GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report that highlights…
In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers,…
Apple users are falling prey to a sophisticated phishing campaign designed to hijack their Apple…