By KEVIN LOHMANER US hackers have successfully used the “zero day” exploit to exploit a bug in a software product that lets them steal information from computers around the world.
The attack, which could have allowed the attackers to steal credit card numbers, passwords and other personal data from tens of millions of computers worldwide, raised concerns that cyber-attacks were becoming increasingly targeted at innocent victims and companies.
A security researcher who called himself Zero Day Lab said the exploit was released by a hacker called Raffi, who was responsible for stealing passwords and email addresses from computers in China, Ukraine, France and Australia.
“This is a classic zero day exploit,” the researcher, KEVin Lohmaner, wrote on Twitter on Wednesday.
“A huge vulnerability is released for free to everyone who needs it, no one can do anything about it.”
He said the attack was likely to be the first such exploit to be publicly released since the disclosure of the NSA’s “PRISM” data-collection programme, which allowed the US to access information from the servers of foreign intelligence agencies.US security agencies said in a statement on Thursday that they were investigating the breach and that the company that makes the security software did not know of the exploit.
“We are aware of the issue, and are actively working to resolve it as quickly as possible,” the statement said.
A spokeswoman for Equifax, the US credit-reporting company, said it had notified the company of the breach.””
We will continue to work to improve our products to address this issue as soon as possible.”
A spokeswoman for Equifax, the US credit-reporting company, said it had notified the company of the breach.
“While Equifax takes all security incidents seriously, we have been notified that an incident involving our products has occurred,” the spokeswoman said in an email.
The vulnerability is a vulnerability in a common software-security patch that Equifax issued in August 2016.
The company patched the flaw in April 2017.
“As soon as we knew about this issue, we immediately patched it,” the company said in the statement.
It said the patch did not fix any security issues in the software and that it would work with the vendor to update the software.
Equifax said it did not expect the vulnerability to impact its users or its business.
“The Equifax team is working closely with the security teams at the companies affected by this incident and we continue to monitor the situation,” the spokesperson said.
The Equigys spokeswoman said the company had already provided the affected users with the latest version of its software.
The company’s chief technology officer, David Gohler, said in June that the breach affected hundreds of thousands of its customers.
He told reporters at the time that Equigry was confident that the software patch had been updated to fix the vulnerability.
“They’ve had the patches in place for two years now,” Gohlersaid.
“And we know the patch has been updated a couple of times already.
So, we’re really confident that we’re going to be able to make sure that this does not affect anybody’s experience.”
It’s going to get fixed in a timely fashion.
“Equifax had already told customers not to use the software until the patch was installed.
In a statement, the company did not provide details on the number of affected customers or how long the company was working on the patch.