alexalex Posted January 20, 2012 Share Posted January 20, 2012 Rumor turns Rogue - McAfee Software Hacked! Warning! Your computer could be at risk! If you are using a McAfee security product to protect your computer on the internet you should act now. McAfee software has been hacked, turning the affected computers into ?open proxies? and allowing dubious users to hijack their internet connection to access illicit sites and send spam, as if coming from them! It is believed that thousands of computers have been compromised so far, with more being affected every day. In the absence to date of any formal announcement or solution from McAfee on this critical issue, Kaamar are posting this to help other McAfee users prevent damage to their systems and their online reputation. UPDATE 19/01/11: McAfee have announced a patch will be released through the normal automatic update process, when testing is finished on 18th or 19th (US - could be 20th in UK). McAfee Rumor Service Hacked. McAfee Software can include their Rumor Technology which is part of a system for delivering updates to computers without a direct internet connection. It appears to be installed even when not required, along with firewall rules to allow internet access, and one of the tcp ports it uses is port 6515. We do not know exactly how, but this Rumor technology has been hacked so that it acts as an Open Proxy on port 6515. This means that your IP address can be used by anyone to bounce messages and spam on to other sites, as if coming from your address. While there is no indication of any unauthorised access to the files or databases on the affected computers, the massive increase in unwanted traffic can have serious short and long term implications.... http://kaamar.com/blog/rumor-turns-rogue-mcafee-software-hacked Link to comment Share on other sites More sharing options...
Another Canuck Posted January 20, 2012 Share Posted January 20, 2012 Does this article come with a free magnifying glass? Anywho, I Googled this and found this post on the McAfee Blog: http://blogs.mcafee.com/mcafee-labs/vulnerabilities-patched-in-mcafee-saas-for-total-protection tl;dr: It only affects McAfee SaaS and has already been patched. Link to comment Share on other sites More sharing options...
Recommended Posts