2

Following on from this question about a WiFi OTA vulnerability: assume a popular computing platform has a known vulnerability that would allow creation of a worm with access to ring 0 (kernel). Then, how likely is it / how long would it take before a malicious worm was created that targeted:

  • The general population
  • A special subset of users, such as workers at a particular organisation such as a hospital
  • Specific people of interest, such as politicians or celebrities

I'm interested in both anecdotal accounts and formal studies. I found this paper, but it seems to be behind a paywall. As an aside, what terms would you use to search for this information?

Edit To make this easier to answer, let's be specific: how likely is it that the recent WiFi vulnerability (which is still* unpatched on many phones) will actually be exploited?

As an example of why I think this threat is real: an exploit might gather the location of all users with an unpatched phone. That has to be worth something to somebody (and so might make it worthwhile to implement).

* as of 14 Apr 2017

z0r
  • 333
  • 2
  • 8

1 Answers1

1

The answer must vary dramatically based on many factors which are specific to the individual exploit. For instance, consider how easy it is to actually cause the exploit. The harder it is to write a worm which leverages that exploit, the longer it will take. As a trivial lower bound, consider if you published openly that your root password was "password" and was accessible by SSH. How long would it take for someone to take advantage of that? Compare that with Heartbleed, which in theory can cause unspecified damage by revealing random blocks of memory to the attacker (including revealing passwords that could arguably lead to ring 0 compromise in particular circumstances). It was considered to be a big deal because it was a substantial bug in openSSL, by in practice it was deemed less risky than other exploits because it required more effort on the part of the attacker to hit pay dirt.

Cort Ammon
  • 9,206
  • 3
  • 25
  • 26