Report: NSA exploited Heartbleed for years2014-04-11 17:45 by Daniela
Tags: NSA, security, Heartbleed
After recent revelations about the existence of Heartbleed security flaw in OpenSSL encryption, Friday afternoon, Bloomberg reported that the National Security Agency has been aware of and actively exploiting the Heartbleed bug for at least two full years, citing "two people familiar with the matter."
Putting the Heartbleed bug in its arsenal, the NSA was able to obtain passwords and other basic data that are the building blocks of the sophisticated hacking operations at the core of its mission, but at a cost. Millions of ordinary users were left vulnerable to attack from other nations' intelligence arms and criminal hackers.
However, the National Security Agency denied to have been aware of the bug.
Web services have scrambled since the revelation of Heartbleed to fix the bug. Several companies including Facebook, Google and Yahoo have confirmed they are clear. Most recently, Apple confirmed to Re/code its services like iOS and Mac OS X were not impacted.
Read more -here-