The Heartbleed bug, which made recent headlines regarding the vulnerability in OpenSSL, seems t have a companion now. A few hackers claim that they have discovered a new flaw in the latest version of the OpenSSL cryptographic software library.
The unknown hackers have not revealed the entire vulnerability, but have posted a picture of the bug online. The hackers have also made a statement that they wish to sell the exploit for around 2.5 Bitcoins, which amounts to a mere $1,069. The exploit was written in Python, but they haven’t made it public. According to reports on Softpedia, the hacker group has made their email address (bitwasp@safemail.net) public.
On the other hand, security experts are skeptical about the hacker group’s claim. They also believe it to be a money-making scam, as the same email ID was by used the group, in the past that offered to sell user information and source codes from Mt Gox and CryptoAve. The hackers group also stated that they could use the exploit for their personal gains, but want to sell it.
We are not sure about the new vulnerability as yet, but are sure that security experts and the cyber crime departments are already on the case and don’t want to ignore the threat. If the news and the exploit are true, we are sure you will be informed first.
