Shadowserver, a nonprofit organization that provides cybersecurity and online threat response services, has discovered more than three million vulnerable email servers on the Internet. As Shadowserver explains, these 3.3 million mail servers rely on POP3 and IMAP, two protocols used to access email.
They actually allow your email client (like Gmail, Outlook, Spark, Thunderbird or Apple Mail) to retrieve messages from the server. IMAP is the ideal protocol if you consult your emails on several devices (phone, computer, or tablet). It keeps your messages on the server and syncs them between all your devices. For its part, POP3 downloads emails to a single device, making them accessible only on that device.
Also read: Two botnets attempt to hack obsolete D-Link routers
Passwords in danger
Unfortunately, the identified servers are without TLS encryption (Transport Layer Security), a secure communications protocol. It is designed to protect data exchanged between a client (such as a browser or messaging application) and a server and ensure that the information passes confidentially. These unsecured servers are found all over the world.
This absence of encryption “means that usernames/passwords are not encrypted during transmission”explains the non-profit organization in a publication published on X. Clearly, emails downloaded or read can be intercepted by a third party. This is also the case for passwords supposed to secure messaging. Servers pinned by Shadowserver are therefore at the mercy of cybercriminals.
As Shadowserver points out, servers are particularly vulnerable to attacks called “network sniffing”. This type of offensive consists of intercepting and analyzing data passing through a network in order to recover sensitive information, such as usernames, passwords or more personal data, especially if it is not encrypted.
Also read: How the NSA can decrypt communications on the Internet
An estimate to be added urgently
Shadowserver researchers promptly alerted all operators of the vulnerable servers toadd TLS encryption. In a report addressed to operators, the organization recalls that “passwords used to access your email can be intercepted by a network eavesdropping tool”.
Moreover, “Insecure access to the service may enable password guessing attacks on the server”. It is important that server operators take emergency measures to ensure the confidentiality of Internet users’ exchanges.
???? To not miss any news from 01net, follow us on Google News and WhatsApp.
Source :
Bleeping Computer
