You are here: Home Blog ClearView IT 20-Year-Old Exploit Finds New Life as ROBOT

ClearView IT Blog

ClearView IT has been serving the Phoenix area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Subscribe to this blog post
Print

20-Year-Old Exploit Finds New Life as ROBOT

ClearView IT Blog Alerts
0 Comments
20-Year-Old Exploit Finds New Life as ROBOT

There is no shortage of threats on the Internet, from situational issues to deliberate attacks meant to damage your company or steal your valuable data. While new threats pop up almost every day, some have been around for some time--so long, that many seem to not consider them as viable threats.

This can be seen in many considerably-sized Internet companies, including the likes of Facebook and PayPal, which recently tested positive for a vulnerability discovered in 1998 that enabled encrypted data to be decrypted.

When it was first discovered by researcher Daniel Bleichenbacher, this exploit was found in the secure sockets layer, or SSL, encryptions that protected (and still protect) many web platforms and websites. The algorithm that powers the RSA encryption has a flaw that permits a hacker to decrypt ciphertext without the key. The error messages that the encryption presents give hackers enough information to crack it.

As it would happen, instead of eliminating and reworking the flawed RSA algorithm, the SSL architects at the time simply created workarounds to limit the error messages.

This crypto-vulnerability, codenamed “Oracle,” provides “yes” and “no” answers to queries. This means that cybercriminals can phrase their queries specifically enough to ultimately retrieve enough information to form a detailed picture of the encrypted contents. This method is referred to as an adaptive chosen-ciphertext attack.

Recently, researchers have discovered that this vulnerability can be found on over a quarter of the 200 most-visited websites on the Internet, and on around 2.8% of the top million. Naturally, this includes Facebook and PayPal.

Researchers explained the oversight of what is now being called ROBOT, or Return Of Bleichenbacher’s Oracle Threat, as the result of too much focus being directed towards new threats, and the older ones being neglected as a result. As they said in a blog post:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

These researchers sent their findings to vulnerable sites before going public so that a patch could be created.

Having a comprehensive understanding of the threats that are poised to damage your business will greatly help you keep it secured. We can help. For more information, reach out to ClearView IT today at 866-326-7214.

Tweet
Tags:
Malware Robot Vulnerabilities
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 05 July 2025
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Search the Blog

Blog Categories

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Hackers Productivity Software Network Security Privacy Data Cloud Business User Tips IT Support Internet Hardware Innovation Email Hosted Solutions Malware Efficiency Workplace Tips Computer Microsoft Google Collaboration Android Cybersecurity Phishing Business Management IT Services Backup Ransomware Data Backup communications Smartphone Small Business Microsoft Office Upgrade Smartphones Network Mobile Devices Communication Data Recovery Managed IT Services Quick Tips Productivity VoIP Users Social Media Mobile Device Tech Term Automation Windows 10 Facebook Business Continuity Disaster Recovery Covid-19 Passwords Holiday Apps Managed Service Windows 10 IT Support Browser Miscellaneous Cloud Computing Outsourced IT Managed Service Provider Data Management Remote Work Internet of Things Operating System Government Saving Money Workplace Strategy Windows Gadgets Artificial Intelligence Managed IT services Networking App Business Technology Virtualization Blockchain Spam Server Information Remote Bandwidth Encryption WiFi Mobile Device Management Gmail Office Apple Two-factor Authentication Information Technology Office 365 History Employee/Employer Relationship Budget Big Data Conferencing Access Control Health Data Security Cybercrime Wi-Fi Analytics BDR Voice over Internet Protocol Help Desk IT Management Hacking Cost Management Training Document Management Employer-Employee Relationship Hacker Save Money Patch Management Vendor Compliance Remote Computing Remote Monitoring Vendor Management Hard Drive Mobile Office Managed Services Data loss Search... Legal Best Practice Data storage Money Retail Customer Service Alert Unified Threat Management Firewall Hiring/Firing Applications Outlook Augmented Reality Word Password Project Management Vulnerabilities BYOD IBM Website Computing Remote Workers Mobility Meetings Windows 7 The Internet of Things YouTube Mobile Computing Free Resource Twitter Google Maps Windows 11 Scam Marketing How To Law Enforcement End of Support Running Cable Laptop Printer VPN Storage Update Social Sports Travel SaaS DDoS Virtual Reality Data Breach Social Engineering Paperless Office Cryptocurrency Antivirus User Black Market Maintenance iPhone Cleaning Education Cortana Robot Content Filtering Monitoring Chrome Healthcare Websites Router Vulnerability Saving Time PowerPoint Administration Software as a Service Chromebook Managed Services Provider Drones Data Protection Computers Bitcoin Automobile Presentation Virtual Private Network Specifications Telephone IT Consultant How To Current Events Wireless Technology Microchip Customer Relationship Management Excel Solutions eWaste Flexibility Co-Managed IT Entertainment Integration Tech Terms Images 101 Downtime Hack Safety Identity Theft Display Managed IT Notifications Digital Virtual Assistant Unified Communications Virtual Desktop Employees Experience Google Docs Bluetooth Taxes Avoiding Downtime Distributed Denial of Service Holidays Office Tips Processor Private Cloud HIPAA Memory Cooperation Disaster Video Conferencing Physical Security Virtual Machines Politics Machine Learning Computer Repair Settings Lithium-ion battery Multi-factor Authentication Start Menu Professional Services Downloads Solid State Drive Computer Care Processors Uninterrupted Power Supply Wireless Headphones Memes Webcam Microsoft Excel Securty Books Tech Human Resources Business Mangement Going Green Net Neutrality Domains Language Business Cards Society Error Financial Data Tablets IT Monitors Smart Technology Visible Light Communication Electronic Payment Bookmark Risk Management Reading Google Calendar Term Google Apps Download Supercomputer Piracy Windows 8 Virus Telework HTML Phone System Nanotechnology Communitications Public Speaking Displays Motion Sickness Microsoft 365 Advertising Browsers Smartwatch Relocation Comparison Google Play Streaming Media Google Drive Upload Procurement Work/Life Balance Software License Tech Support Social Network FinTech Keyboard Corporate Profile Screen Reader IT Assessment Hard Drives Supply Chain Knowledge Data Analysis CES Television Security Cameras In Internet of Things Telephony Trends Supply Chain Management Employer Employee Relationship Mobile Technology Value intranet Customer Resource management Organization Wireless Hacks Computer Accessories Cabling Devices Cyber security Shortcut Network Congestion Tablet Smart Devices Heating/Cooling Writing Workplace G Suite Tip of the week Environment Fileless Malware Reliable Computing Mouse Windows XP VoIP Gamification Remote Working Tracking Company Culture Social Networking Telephone System AI Regulations Trend Micro Backup and Disaster Recovery Electronic Health Records Scams Web Server Transportation Directions Digital Security Cameras Scalability SharePoint Administrator Content Text Messaging Digital Payment Desktop Wasting Time Proactive IT Modem Electronic Medical Records Bring Your Own Device Worker Accountants eCommerce Access Database Surveillance Cables Videos Troubleshooting Time Management Public Cloud Managing Costs Music SSID Health IT Staffing Equifax Audit Media Spyware Tactics Development IP Address Point of Sale Hard Drive Disposal Employer/Employee Relationships Botnet Username File Sharing Virtual Machine Startup Optimization Micrsooft Shortcuts Freedom of Information Redundancy Reviews Rental Service Navigation 2FA Cache Addiction Flash email scam Teamwork Business Owner Unified Threat Management Data Storage Telephone Systems Workers Mobile Security Hypervisor Business Growth Legislation Competition Be Proactive News Medical IT User Tip Shopping Recovery Printing Evernote Paperless Network Management CCTV SQL Server LiFi Touchscreen PCI DSS Banking Licensing Entrepreneur Google Wallet Emails Humor Application Deep Learning Workplace Strategies Computer Malfunction Fake News Emergency Proxy Server Gig Economy Documents Messenger Business Communications Vendor Mangement Service Level Agreement Internet Service Provider Computing Infrastructure Azure Business Intelligence Inbound Marketing Management Regulations Compliance Business Metrics Samsung Device security Managed IT Service Hosted Solution

Blog Archive

Recent Comments

No comments yet.

Interested In A Free Consultation?

Click Here