Attackers exploit Heartbleed vulnerability to bypass multifactor authentication

Washington, Apr. 20: Security company Mandiant has reportedly said that attackers used the Heartbleed vulnerability to breach a client's walled-off virtual private network.

Mandiant technical director Christopher Glyer said that the breach is one of the earliest instances of attackers using Heartbleed to bypass multifactor authentication and break through a VPN.

According to CNET, much of the Internet discussion of Heartbleed has focused on attackers taking advantage of the vulnerability to steal private encryption keys, but Glyer said the attack against the unnamed Mandiant client indicates that session hijacking is also a risk.

He said that beginning on April 8, an attacker leveraged the Heartbleed vulnerability against a VPN appliance and hijacked multiple active user sessions.

Meanwhile, it is not clear from the report whether data was stolen from the affected organization. (ANI)