June 11, 2021

Can FinFisher Backdooring on the fly bypass HTTPS Connections?

So, as I understood, ISPs can redirect you when downloading Apps or Updates (let’s say VLC) from the official link, to another Link of VLC which is infected with the FinFisher Malware.
Does this work, if the link you’re downloading from uses HTTPS?



There’s a lot of variables that make a “yes” or “no” answer difficult, but HTTPS relies on certificates and if someone redirected you to a fake website, even if the domain was spoofed, the certificate would not be. That’s what the “S” in HTTPS is for. Your web browser if configured properly and kept up to date would realize this and would require you to click through multiple warnings before allowing it, if allowing it at all.

The variables are things like:

* If they infect your PC and are able to modify your proxy/DNS/certificate settings

* Is the VLC website itself infected, if yes, then HTTPS goes out the window

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.