3 Important Things You Should Know About Heartbleed

Password leaks and targeted attacks are nothing new and the latest security bug related to a massive loss of passwords across the world is ‘Heartbleed’. This bug has received a lot of media coverage over the last few days, so there is a lot of confusion about what it is and what one needs to do to fix the issue.

large-hero-heartbleed

This blog post aims to help you better understand what Heartbleed really is and what you need to do in order to secure your presence online. Heartbleed has affected about 17% (close to 500,000) of the web servers across the world, so there is a high chance that you are affected by this too. With that in mind, here’s what you need to know now.

Fact # 1: What exactly is Heartbleed?

Heartbleed is a security bug that affects servers that use OpenSSL (Secure Sockets Layer) technology. When you log in to your email account, or make a financial transaction online, the server that hosts this activity is protected by the SSL technology, which is denoted by the symbol of the padlock near the address bar and the unmistakable presence of “HTTPS” as a prefix of the URL itself.

Hearbleed_bug

Heartbleed is a bug that afflicts this very protective measure and exposes information that SSL attempts to protect. What this means then, is that sensitive information like passwords, credit/debit card details and more are susceptible to this bug and can be stolen.

What this means is that there is nothing wrong with your PC or your antivirus software. This is an issue that needs to be dealt with by the people who run the websites that make use of SSL. Moreover, if you are surfing the Internet you will not be able to tell if a service you are using is affected by Hearbleed or not.

Fact # 2: Which websites and online services are affected?

While most of the sites that have been affected have taken corrective steps already, there are bound to be many more which are still working on it. If you use some of the following services then there is a high chance that your password and details may have been leaked.

Facebook

Gmail

Amazon

SoundCloud

Instagram

Yahoo Mail

Flickr

YouTube

Pinterest

Google

Minecraft

Wikipedia

Tumblr

GoDaddy

Netflix

Dropbox

As you can see, the list is huge. There are several more services that have been affected, so the potential damage here is substantial.

This online tool can also help you ascertain whether a particular URL is afflicted or not. If you carry out online banking transactions, then we highly recommend that you change your account passwords. Also, check this tool to see if your bank’s online portal is affected by Heartbleed or not.

Fact # 3: What do you need to do?

While there is nothing specific that you can do to combat Heartbleed, one major precaution you should take is change ALL your online passwords right away. This will ensure that if any of the services you use have been afflicted by Heartbleed, then at least your passwords will be safe. Apart from this, stay alert about any unusual activity on your accounts. If you feel something is out of the ordinary, take the necessary corrective steps as soon as possible. Moreover, spread the word about Heartbleed and inform your friends and family members as well.

what_is_phishing_how_can_you_doge_it_

WARNING: Be on the lookout for fake password reset emails

With such widespread activity occurring simultaneously with regards to password changes all over the world, this is bound to lead to several phishing emails about password resets. Be on the lookout for such emails and stay away from fake emails that ask you to change your passwords. Read here for some tips on how to recognize fake phishing emails.

Quick Heal will keep you updated about any further developments and news regarding Heartbleed, so keep checking back for more information.

Rahul Thadani

Rahul Thadani

Follow @

Subscribe
Notify of
guest
144 Comments
Inline Feedbacks
View all comments
surajit
surajit
6 years ago

nice…

SPS Bindra
SPS Bindra
6 years ago

Dear sir,

Thanks for giving precious information about changing passwords. Please advise whether banking account passwords are to be changed or all the passwords including passwords for email accounts are to be changed.

Anonymous
Anonymous
6 years ago
Reply to  Rahul Thadani

Can the password be hacked during changing them as well??
If yes, what process should be followed while changing them??

Sanjeevi
Sanjeevi
6 years ago
Reply to  Rahul Thadani

thanks for your information

Vinay Joshi
Vinay Joshi
6 years ago
Reply to  Rahul Thadani

Dear Mr. Rahul Thadani, It’s not advisable to change all your p/words in one setting! Crucial first, others say in 10/15 days. I change my banking p/word et al; in one setting, what guarantee that my bank’s server is not infected? In the event my machine is infected how do i know? Quick Heal will highlight it? Delete/repair! What next? How many servers including twenty odd mentioned by you – by name – have informed it’s users of the re-issuance of site certificate for their upgraded servers? That it has right version of Open SSL/TLS! The bug has been around… Read more »

murali
murali
6 years ago

good

Swapnil Wani
Swapnil Wani
6 years ago

Thanks…
Very important and helpful information.

Lt Col Sandeep Singh Bajwa
Lt Col Sandeep Singh Bajwa
6 years ago

This is really very practical and real time warning which your esteemed institution has given its users. Will surely help.Another issue is that the financial institutions in consultation with ITES providing Anti-Virus solutions have mandatory obligation to protect their customers and clients.
Thanks & Regards,
Lt Col Sandeep Singh Bajwa.

PBBHIMJIANI
PBBHIMJIANI
6 years ago

Very rightly guided by you.Thanks.In future always guide like this.

PBBHIMJIANI
PBBHIMJIANI
6 years ago

Very rightly guided by you.Thanks.In future always guide like this

Venkida Krishnan
Venkida Krishnan
6 years ago

super

Asish Bishoi
Asish Bishoi
6 years ago

Thank you Quick Heal for such an important piece of Information.I hope you guys will always try to keep us safe.I am earnestly looking forward for a newer updated article.

swaleha
swaleha
6 years ago

thanks! I’ll change my passwords right away.

ramprasad bangaru
ramprasad bangaru
6 years ago

The information was really helpful. Keep me updated.

sadanand Jadhav
sadanand Jadhav
6 years ago

Good one

KhargeswarRabha
KhargeswarRabha
6 years ago

It’s very useful

Subrat Pradhan
Subrat Pradhan
6 years ago

Thanks a lot for getting us updated.

Harshal Pande
Harshal Pande
6 years ago

Thank You For posting this information.
Its very useful for us.

hari
hari
6 years ago

thanks sir

Santosh
Santosh
6 years ago

Thanks for information

mark
mark
6 years ago

Useful

Varun shah
Varun shah
6 years ago

Thank you for precious information.

Ashish Rane
Ashish Rane
6 years ago

Thanks for the info.

NV
NV
6 years ago

Is mobile browsing at the same risk level as Laptop/PC browsing?

susanta
susanta
6 years ago
Reply to  Rahul Thadani

I have found some “heartbleed” folder in my windows 7 and deleted that. I have not marked exact location though. I am not confirmed that it was vulnerable or good. I have just deleted that folder. Please check your system folders carefully.

Debashish
Debashish
6 years ago

Thank you for this precious information

HANSRAJ SINGH SHAKTAWAT PEETH- DUNGARPUR
HANSRAJ SINGH SHAKTAWAT PEETH- DUNGARPUR
6 years ago

its really helpful attention…..thanks a lot…

Aduku
Aduku
6 years ago

Thanks for the useful information.

Virendra Kumar Kalia
Virendra Kumar Kalia
6 years ago

Thanks for the timely usefull info, will change the passwords asap.

urmimala
urmimala
6 years ago

Is it safe with Quickheal ? Does Quickheal support the safety of my PC from this virus?

Farhad
Farhad
6 years ago

Thank You For This Precious Information.

vijay
vijay
6 years ago

thanks

Hasmukhrai Desai
Hasmukhrai Desai
6 years ago

Suppose we change our bank a/c password, is not possible that the new pass word also gets theft? Then what is safety?

amit
amit
6 years ago
Reply to  Rahul Thadani

sir please tell,how we can be safe by changing our password because it chance again may be leaked…….and to change password always its impossible….so give proper measure to overcome this problem……

Ram kishan sharma
Ram kishan sharma
6 years ago

Thanks Quick Heal for this information.

Rev Dr Rahul Uthwal
Rev Dr Rahul Uthwal
6 years ago

Thanks

ravi sharma
ravi sharma
6 years ago

Congratulation quick heal, really you have given a very very useful information.Thanks for your support.

Dr Manoj Tamboli
Dr Manoj Tamboli
6 years ago

Thanks a lot for this important information.

Biswa
Biswa
6 years ago

thanks a lot

alpesh rami
alpesh rami
6 years ago
Reply to  Biswa

Thank you for Information

Eruch Kateli
Eruch Kateli
6 years ago

Thanks
People use their intelligence wrong way
Wish this intelligent people use their knowledge in a better way
God guide them on right track

Ravindra Madhav Deshpande
Ravindra Madhav Deshpande
6 years ago

thanks, keep informming me about the latest news on this topic

Ravindra Madhav Deshpande
Ravindra Madhav Deshpande
6 years ago

please tell me the frequency for changing the password/s because itis really difficult to memorise every changed password. my netbanker has stipulated changing password evey six maonths(SBI NET, protected with VERYSIGN). also keepa dvising about the latest info. thanks.

Anup Devnikar
Anup Devnikar
6 years ago

If I change the password now while the site is still affected, is it not possible that the bug would steal the new password too?

George
George
6 years ago

Grateful to the QHT that had given this vital information and thanks to their R&D team who taken pain to diagonise this virus…….with regards

hema
hema
6 years ago

hi,

pl guide abt the online tool …u have given link to, in your article….

It shows some other website..\

regards

Harshit Saxena
Harshit Saxena
6 years ago

Thank You For Your Precious Advice.Is There Any Software Which Can Protect Our PCs Against Heartbleed?

subrat ku.behera
subrat ku.behera
6 years ago

good

gurpreet singh
gurpreet singh
6 years ago

very good useful information

ashok mehta
ashok mehta
6 years ago

Hats off for such a superb information. Keep it up!!!

g.kesho
g.kesho
6 years ago

thanks

Sachin Latiyan
Sachin Latiyan
6 years ago

sir
I m using Xperia C, it refuses to respond and screen goes black, ring comes and I m able to receive call only with idea what may b the reason.
Thanks

SUKOMAL DHAR
SUKOMAL DHAR
6 years ago

Is it necessary to change the 3D security number of credit card ?

Anupam
Anupam
6 years ago

Dear Rahul,
How do we know which website has been inflicted by Heartbleed?

Best
Anupam

Hari Parsad
Hari Parsad
6 years ago

good awareness/knowledge

but can you tell me all these host’s Database are 100% Infected or not and how can this bug work :-

Facebook,Gmail,Amazon,SoundCloud,Instagram,Yahoo Mail,Flickr,YouTube,Pinterest,Google,Minecraft,Wikipedia,Tumblr,GoDaddy,Netflix,Dropbox

Dr Bipin Prajapati
Dr Bipin Prajapati
6 years ago

If the services are affected we are not able to detect the bug. In such situation, how much is it safe to reset the passwords of affected services ?

Prashant
Prashant
6 years ago

is there any app to protect from Heartbleed for my phone

Prashant
Prashant
6 years ago
Reply to  Rahul Thadani

4.2.2 android

144
0
Would love your thoughts, please comment.x
()
x