Hackers exploit mobile browser vulnerabilities to steal cloud computing resources

Security researchers at North Carolina State University and Oregon University have found that a new technology based on MapReduce allows hackers to hijack cloud-based http://www.aliyun.com/zixun/aggregation/13267.html " > The computing resources used by mobile browsers.

Cloud browsing uses external computing power to process Web pages and deliver them to end users. The researchers say the technology is useful for mobile browsing, or it must rely on less powerful hardware from mobile devices. At present, Opera Mini and Android Silk are the most well-known browsers using the technology.

However, the cloud can be used to accomplish heavy tasks, and can be deceived to do many other things, the researchers published a paper on this issue.

Test

The team tested the data blocks stored on the short URL web site, effectively tricking the Web sites and cloud browser providers into computing. William Enck, an assistant professor at North Carolina State University, said in a statement that the group had limited the amount of data processed in this way to 100MB.

"This amount of data can be greater, but we do not want to create an unnecessary burden on the free services we use," he said. ”

Enck adds that the technology can provide hackers with huge, temporary, completely anonymous computing power that allows them to crack passwords or perform other malicious tasks at a very fast rate.

Depending on the size of the attack, users may not notice what is happening, he said.

Enck said: "The prevention of attack events depends on a well configured cloud browser platform and the amount of tasks that an attacker is executing." Cloud browser operators are sure to notice the peak of a service usage when monitoring resource usage. Responding to this, however, requires vendors to build more defensive measures in their framework. ”

(Responsible editor: The good of the Legacy)