Here’s the deal. No piece of software, including webmail software like Roundcube, is immune to vulnerabilities. According to the article, there are versions that fix the vulnerability.
The thing is, these attacks talked about within the article were targeted outside the United States, but it can happen anywhere.
While this was sent to probably someone in Russia, emails with attachments and no explanation are bound for trouble if I should say so. I’ve seen links, and attachments where I couldn’t open them or I opened the link and it went somewhere where I didn’t know.
It uses a h r e f with base64 to download a payload. I spaced the letters out on purpose.
Then it will inject an unauthorized login form, which takes the username and password of the session being used.
The article talks about what version of Roundcube you should be using if you use Webmail at all.
I don’t like using webmail, and I’ve used it off and on for 20 plus years starting with Hotmail. While providers themselves are not the reason for this discussion, I did get Hotmail to work with a mail client.
Roundcube comes with cPanel, a very popular web control panel that lots of hosts use to administer accounts and for you to administer your account.
I don’t know if these control panels automatically update things like Roundcube, as I can’t see a version number when I log in.
cPanel used to have three different clients, but Roundcube seems to be the only one being used these days.
“Hackers exploit Roundcube webmail flaw to steal email, credentials” is the article you need to read.
We want people to read and learn about these things so they can be aware. Thanks so much for reading!