Heartbleed May Be the Worst Security Hole The Internet Has Ever Seen
- Created: Friday, 11 April 2014 15:57
The Heartbleed virus allows hackers to exploit a flaw in the encryption software OpenSSL.
OpenSSL encryption software is used by a majority of major websites and is designated by a small closed padlock symbol and “https” on Web browsers.
When a secure connection is made between two computers, one computer may check if the other computer is available. The computer would check by sending a small packet of data, called a heartbeat, which the other computer then confirms. A hacker can use a fake packet of data, which tricks the computer into responding with data stored in its memory. The hacker then has access to steal personal information such as credit card numbers and passwords.
A patched version of OpenSSL has been released, now it is up to each site to apply this patch.
Do not log into accounts from affected sites until you are sure the company has patched the problem.
Once you have confirmation of the security patch you will need to change your password.
LastPass has created a tool that will check a site to see if it effected by this virus:
Read more for a list of sites that have been effected and have applied the security patch: