FREAK Attack – Android and Apple Browsers at Risk

A new Internet vulnerability is affecting popular SSL clients across the web. Eerily named FREAK, this flaw allows malicious parties and attackers to force servers to automatically downgrade to weakened ciphers. Once this is done, the attackers can easily crack all encrypted communications of these weakened servers through advanced Man-In-The-Middle (MITM) attacks. If all that sounds a bit complicated, this blog post aims to simplify it for you and give you the lowdown on how the FREAK attack affects you.

FREAK attack

How did this attack originate?

The origins of this attack lie in the complex and murky world of United States diplomacy and international relations in the 1980’s. A Federal policy at that time forbade the export of software products with strong encryption. As a result, weaker export-grade products were then shipped to other countries. While this policy was lifted in the 1990’s, this ‘weaker encryption’ somehow became embedded in various software applications of the time and was never actively rectified until many years later.

While some developers eventually shifted to stronger encryption over time, this flaw remained inherent in many applications. Attackers gradually discovered ways to force servers to switch to this weaker encryption so that they could successfully intercept their data with MITM attacks.

Why this attack is called ‘FREAK’?

The terminology of FREAK has been coined to represent “Factoring Attack on RSA-EXPORT Keys”.

What can attackers really do via FREAK?

This attack enables malicious parties to intercept web browsers and crack them over a few hours. This would enable the attackers to steal confidential passwords and other sensitive data. This could lead to several other privacy and security issues in turn. It can also enable attackers to take control over specific elements on webpages.

Right now the FREAK vulnerability primarily affects Android and Apple Safari web browsers. The Google Chrome browser installed on Android phones is not vulnerable. However, the in-built web browser is vulnerable to this attack. Searches carried out on the in-built Google search engine site are also not vulnerable.

Google has reported that it has extended solutions to its partners i.e. the manufacturers of Android devices. But it ultimately lies in the hands of these OEMs to implement the solution in order to protect their users. Apple is in the process of finding and implementing a solution for this purpose and intends to release the fix within a week.

How can I learn more about FREAK?

A good source for finding out which sites are affected and for further reading on the topic can be found on freakattack.com. Some popular sites that are affected by this vulnerability are as follows:

  • Business Insider
  • American Express
  • Jabong
  • Airtel
  • Tiny URL
  • Zomato
  • National Geographic
  • Axis Bank
  • Gaana
  • ZDNet

These and many other popular websites are vulnerable to FREAK. If you regularly visit and use these websites you need to be very careful. Researchers have also claimed that 36.7% of browser trusted sites are vulnerable. This effectively means that 1 in 3 sites that you visit could be at risk. Another good source for further reading on FREAK is this blog post issued by Matt Green, a Johns Hopkins cryptographer who is investigating this flaw.

FREAK comes along at a time when authorities all over the world are already struggling with the moral issue of gaining access into people’s personal devices and accounts for law enforcement purposes. They are also dealing with strong encryption technology implemented by device makers and their disagreement to grant these ‘open doors’ into devices.

The Quick Heal Threat Research Labs are also investigating this flaw further and we will be posting updates on FREAK from time to time.

Rahul Thadani

Rahul Thadani

Follow @

Subscribe
Notify of
guest
74 Comments
Inline Feedbacks
View all comments
Chinmay
Chinmay
5 years ago

Will this FREAK flaw affect my p.c. Which is secured by quick heal total security 2015??????

sagar
sagar
5 years ago

what is this?

Nikhil N Dave
Nikhil N Dave
5 years ago

My Google Crome blocked for secutity certificate

Abdullah Sumar
Abdullah Sumar
5 years ago

Thank you quick heal for always updating us on the threats we might face on the internet or otherwise with our systems. Really appreciate your service 🙂

LALIT KUMAR VYAS
LALIT KUMAR VYAS
5 years ago
Reply to  Abdullah Sumar

quick heel provide safe from freak attack and safe handle your record from virus and make confidential really this is good service provider for keeping data bank upgrade or updating data so very safely service

Rudolph Sylva
Rudolph Sylva
5 years ago

Great to know you are keeping us and our businesses safe. Cannot say enough how much this is appreciated.

Eldon
Eldon
5 years ago

Thank you, Quick Heal, for the update.

Anil
Anil
5 years ago

Thanks

B.J.MASSAWE
B.J.MASSAWE
5 years ago

Thanks for the alert.
Keep us informed.
B.J.Massawe

R. Sarkar
R. Sarkar
5 years ago

Many many thanks.

Anand Suryawanshi
Anand Suryawanshi
5 years ago

Quick heal you’re really amazing..
you protect my pc from artificial mails which may contain virus….

Dr Amitabh Mehta
Dr Amitabh Mehta
5 years ago

Thank you

G.VENKATESWARA RAO
G.VENKATESWARA RAO
5 years ago

Quick heal is the best anti virus.please tell us more informations

A.Ray
A.Ray
5 years ago

i use quickheal in both my laptop & handset.
How I can confirm that my devices are not affected ?

RAKESH
RAKESH
5 years ago

THANKS FOR ALERT……

B.S. KARTHICK BABU
B.S. KARTHICK BABU
5 years ago

Thanks to Quick Heal for providing their earlier alarm updates about threats and protecting us from dangerous virus attacks. I appreciate your prompt service and keep it up always..

Abhishek Patil
Abhishek Patil
5 years ago

Thank you Quick Heal for updating me with the latest threats which I was not known for.

Mahesh Patel
Mahesh Patel
5 years ago

Thanks Rahul

Kirit Dave
Kirit Dave
5 years ago

Thanks for updating your customers. Please continue the good work.

R. Ch. sur
R. Ch. sur
5 years ago

thanx for the alert qheal.

Yamin Chowdhury
Yamin Chowdhury
5 years ago

Good job! Thank you for the alert! Keep doing this in future.

Deepak Dutta
Deepak Dutta
5 years ago

Thank you for the update.Very valuable information.

Abhishek rajan
Abhishek rajan
5 years ago

10x for the alert

sujay
sujay
5 years ago

thanx…

I think thats why my Anroid is not comfortable in opening the google and related sites. even play store is not working

prakash thosar
prakash thosar
5 years ago

thanks , keep it up !!!!

PAKHAJANWALA HIREN SHANTILAL
PAKHAJANWALA HIREN SHANTILAL
5 years ago

Thank you quick heal for always updating us on the threats we might face on the internet or otherwise with our systems. Really appreciate your service

Adorable
Adorable
5 years ago

This was helpful!

Hirdesh Kumar
Hirdesh Kumar
5 years ago

Thanks for the alert.
Keep us informed.
Hirdesh Kumar

VIRENDRA SHARMA
VIRENDRA SHARMA
5 years ago

Thank you quick heal.

abhishek k
abhishek k
5 years ago

you all r great at what u do..thanks for informin us..

Shivkumar Sharma
Shivkumar Sharma
5 years ago

Thank you quick heal for always updating us on the threats we might face on the internet or otherwise with our systems. Really appreciate your service

dilip kumar singh
dilip kumar singh
5 years ago

I heartily appreciate to inventors who are working for safety of human kind, as ultimately it is not the person who is sufferer against such attacks but it is also his/her family who are dependent on him/her.

Santosh Shahane
Santosh Shahane
5 years ago

Thanks for the information and alert Quick Heal.
Please let me know that similar attack is for Windows OS and windows phones.
Thanks Again.

vijaykumar Narwade
vijaykumar Narwade
5 years ago

QUICKHEAL, Thanks for the alert blogs.

Rahul
Rahul
5 years ago

registered quick heal antiwris

Jasbir Singh
Jasbir Singh
5 years ago

What about remedial measures for those already affected?

madhu
madhu
5 years ago

sir,
thank U for updating the information on new virus attacks

k k reddy
k k reddy
5 years ago

Thank you

S. J. SEBASTIAN
S. J. SEBASTIAN
5 years ago

Appreciate for the FREAK attack news. The manufacturers of Android and Apple should make some positive software measures that FREAK should not intrude such products.

Ashok Rath
Ashok Rath
5 years ago

Thanks QH. I browse NG frequently, use Airtel often. Have been using QH, for more than 7 years, very dependable. ThanQ for the alert.

M.S. Rathore
M.S. Rathore
5 years ago

thanks for the alert & doing needful at your end

vansh
vansh
5 years ago

very good

BABULI CHARAN JENA
BABULI CHARAN JENA
5 years ago

THANKS FOR ALLOT GIVE A SOLUTION TO RECOVER.

BABULI CHARAN JENA
BABULI CHARAN JENA
5 years ago

IWILL WAIT FOR YOUR SOLUTION.

aditi
aditi
5 years ago

what sud I do when I got alert ?

how to protect?

Devesh K Patel
Devesh K Patel
5 years ago

Thank you For your valuable information. i am a developer but still i afrai by this type of problem. it is a very good effort to alert people

Narhari Sharma
Narhari Sharma
5 years ago

Will this FREAK flaw affect my p.c. Which is secured by quick heal total security, My PC working very slow, Please help me………

chander shekhar prajapat
chander shekhar prajapat
5 years ago

what is this sir i rqst 4 u please update my quick heal antivirues

BIMAN KAR
BIMAN KAR
5 years ago

Thanks for the info. I am worried because I frequently use the Axis Bank and Airtel services. And I am worried about those who use the ‘Gaana’ service. Could become ‘begaana’ if things go wrong.. I am also suffering from a different kind of FREAK attack-courtesy QHTS. It is called ‘ FRequent Error Message Announcement in my Komputer’ It involves such esoteric cautionary messages like ” Your Firefox running without Sandbox protection” or Antivirus Protection is Off etc when I first plugin to my system. With a license valid till 2018 and all Security features ckecked ‘ON’ it is a… Read more »

Rajiv Singha
5 years ago
Reply to  BIMAN KAR

Hi Biman, Thank you for using our product. The Sandbox protection feature basically secludes your browsers from the real environment of your PC. This is so because if any malicious file gets downloaded from your browser, it will remain in the Sandbox environment and will be prevented from reaching your real PC. Hence, the message is simply an advisory that you receive if your browsers are not Sandboxed. About the second message “Antivirus Protection is Off”, our engineers would be glad to look into it and provide you with a solution. You can chat with them at https://bit.ly/QHSupport. To add… Read more »

Longjam Langamba Angom
Longjam Langamba Angom
5 years ago

Dear Rahul,

Thanking you for the day to day upgraded freaking virus attacks.

sid
sid
5 years ago

Will this affect my smartphone?

74
0
Would love your thoughts, please comment.x
()
x