Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11DNS error allows to hack millions of PCs on all Blizzard games
On January 22, Google researcher Tavis Ormandy discovered a Rebinding DNS error that allowed anyone to pretend to be a server to update and distribute malicious code when Update Agent thought it was a game update.
Specifically, according to the bug report, the Blizzard Update Agent contains a JSON RPC server that other applications send commands to interact with the Agent. According to Ormandy, he can use the browser and bring JavaScript code to users, attack the server and "force" the Agent's update server to the infected server.
The Blizzard Update Agent is silently patched
After Ormandy revealed this error on Twitter and said that Blizzard patched it without saying anything.
The Blizzard Update Agent update (version 5996) takes the name of the application when sending the command to the JSON RPC server, computes a 32-bit hash string FNV-1a and compares it to the list of unauthorized applications.
The vulnerability fake Blizzard game updates
While Ormandy offered to use the whitelist, Blizzard came up with a blacklisted solution, which he considered "perfect and maintained" so the way Blizzard applied was too simple.
Maybe many other applications get the same error
Ormandy created a PoC page to simulate a DNS Rebinding attack using the Blizzard Update Agent.http://lock.cmpxchg8b.com/yah4od7N.html. There are also other sites to attack on other applications and to find other applications with similar errors. https://lock.cmpxchg8b.com/rebinder.html
Ormandy had earlier found this error in Transmission BitTorrent.
See more:
- Quickly register to play Age of Empires 4K upgrade version of the graphic
- Quickly download 6 games that are free for a short time
- How to install the Rules Of Survival game on PC
Micah SotoYou should read it
- Legendary Warcraft game will have a mobile version in 2022
- Diablo IV was officially announced, top notch graphics, impressive trailers
- The series of pictures showing the world filled with wonders, the imagination of people is far from catching up
- StarCraft II becomes a free game
- The best deck building tips in Hearthstone
- How to Download World of Warcraft for Free
- How to play Ultra Cold mode - Cold Front Survival PUBG Mobile
- The man lived only by hacking online games for 20 years
May be interested
- Call of Duty prevents hacking by making real gamers invisible
a new anti-hack and cheat method is being developed by the game call of duty. - 'Hack' Google Chrome's dinosaur game to make your T-Rex immortal and at max speedyou can use cheat codes to 'hack' this game to help your t-rex win on the endless racetrack in a super simple way.
- 4 ways to hack Facebook you should know to protect your Facebook accountpeople use facebook as a tool to connect, but there are people who use this connection for bad purposes. this article will show you how to hack facebook and how to prevent it to protect your facebook account.
- Can cybercriminals use ChatGPT to hack your bank or PC?chatgpt can be used for nefarious things. for instance, hackers can use it to create malicious content, such as writing fake emails to gain access to your pc or even your bank account.
- Diablo IV was officially announced, top notch graphics, impressive trailersblizzard has announced diablo iv on the stage of blizzcon 2019.
- Top 5 best soccer games on PC 2025football is always the king of sports, attracting millions of fans around the world, and pc football games are no less attractive. if you are a fan of this sport, discover the top 5 best pc football games of 2025 to join dramatic and fun matches with friends.
- How to Use the Grepolis Hack Tool (PRO V2)with grepolis hack tool, you can generate free resources like gold. grepolis hack is 100% safe. using it is a simple process, luckily. download grepolis hack archive.
- Here's how I hack 40 websites in 7 minutesnow, i will detail how i hacked the server containing 40 websites.
- Discover the huge 'game store' of millions of Facebook games from the Windows Desktopfacebook has a huge pool of free games, and this is your way to explore all of them
- How to Speed Hack or Break Through Walls in ROBLOXtoday's tipsmake will show you how to hack roblox to change your character's movement speed (also known as speed hack). note: hacking roblox is against the software terms of use (terms of service), meaning your account may be banned; we also cannot hack roblox on mac computers. unfortunately, as of may 2018, there is no way to hack through walls (no-clip) in roblox without downloading an infected file.
Attack the network
- Now even YouTube ads use CPU viewers to dig virtual money
- Campaign to distribute spyware aimed at macOS in Vietnam
- There are vulnerabilities that allow hackers to bypass the fingerprint security mechanism of Lenovo computers
- The Ministry of Public Security warned users to warn of bank account theft when withdrawing money at ATMs
- Hacker was jailed for 2 years for DDoS attacks against Skype and Google
- Adobe Flash Player has a serious zero-day vulnerability
Now even YouTube ads use CPU viewers to dig virtual money
Campaign to distribute spyware aimed at macOS in Vietnam
There are vulnerabilities that allow hackers to bypass the fingerprint security mechanism of Lenovo computers
The Ministry of Public Security warned users to warn of bank account theft when withdrawing money at ATMs
Hacker was jailed for 2 years for DDoS attacks against Skype and Google
Adobe Flash Player has a serious zero-day vulnerability