The cracking of Adobe’s internal database is gearing up to be the scariest hack of the year.
Adobe has admitted that it has had its source code nicked by hackers along with 38 million passwords of customers. Later it found data on 152 million Adobe customers on a site frequented by cybercriminals, suggesting that the hack was worse than expected.
However, what appears to be even worse is that the hackers took the source code for Cold Fusion and Acrobat. It is thought that Photoshop and Reader were similarly accessed. With all this software in the paws of the hackers this means that none of this software, which powers a huge chunk of the net, is secure.
According to Good Morning America while this is bad news for Adobe as its products will now be easy to pirate, it does mean that cybercriminals can use the software to create online versions designed to breach systems.
If you see a PDF online and download it, the re-engineered source code could take over your computer completely. It only works because the hackers have what looks like a legitimate piece of software as a front.
Hackers with their paws on source code are more likely to find flaws in the software which they can take out. Proprietary software depends on hackers not having the source code to find such weaknesses. Open sauce software depends on everyone having the source code and the bugs found by outsiders. At the moment Adobe is operating in the worst of both worlds and that could easily be its undoing.
Adobe is trying to keep a lid on news about the hack and its consequences. The reason being is that the attack is a lot more serious than the coverage it is getting.
It has warned users to change their Adobe passwords, but it has not yet revealed how it is going to handle the release of the source code.
For the next few months, at least it will be really important for IT managers to warn users about not clicking on sent PDF files or photographs.