Heartbleed Bug Affected Millions of Websites in China
| Qi Qin | | Apr 11, 2014 10:30 AM EDT |
Heartbleed, the most serious bug of the year that could expose passwords, credit card numbers and sensitive information to hackers, has affected a large number of websites in China.
Qihoo 360's Test platform found that 11,440 out of 1,200,000 authorized websites were affected by the bug, a security flaw in OpenSSL encryption.
Like Us on Facebook
A total of 200 million netizens visited the websites that were exposed to the bug, prompting website owners to urgently install fixes.
Email services were also all affected by Heartbleed.
China Financial Certification Authority assured that e-banking was not affected and USBKey can be used normally.
Alibaba, Tencent and other large Internet service companies announced on Weibo that they have already fixed the OpenSSL bug.
Hacker attacks that breached Chinese websites through the Heartbleed bug became apparent early morning on Monday.
Heartbleed is a "nuclear crisis in the Internet landscape due to its potential for damage," said Shi Xiaohong, a security expert with Qihoo 360.
Users cannot protect their information if they have used the services of websites with OpenSSL encryption technology, even if their computers are well protected by anti-virus tools, according to Qihoo 360.
The economic damage caused by the bug is currently unknown, but the Google and Codenomimon researchers who discovered the bug said the two most popular web servers, Apache and nginx, covering about two thirds of websites worldwide, use OpenSSL.
A security fix was released on the day researchers exposed Heartbleed to the public and websites worldwide are scrambling to remedy their vulnerabilities.
"We are focusing on the reports of OpenSSL issue. We will carry out measures to protect users if it indeed affect our devices and services," Microsoft said.
Web experts consider Heartbleed as an honest error committed by Dr. Robin Seggelman, whose coding error resulted to the vulnerability in OpenSSL.
Seggelman, a German programmer, was actually trying to improve OpenSSL when he introduced the patch in January 2011, but an error in programming led to the security flaw, which he described as a trivial error that unfortunately had a widespread severe impact.
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?
