Recently the security researchers found a severe vulnerability that allows hackers to remotely access computers running the Red Star OS, just by tricking users into clicking on a hyperlink.
Now The Super-Secure Red Star OS Can Be Hacked With Just A Link
The Red Star OS is one of the significant reasons the North Korean government is proud of. This is a North Korean Linux operating system whose development was started in early 1998 at the Korea Computer Center (KCC). The Red Star OS was considered as the safest operating system of the Korea which was actually used to protect all the information of the citizens of the country.
Being an own distribution and controlled by the state itself, it has all the available resources. But, this system which was thought to be completely protected now has a security breach, which can be easily exploited.
The country North Korea uses the Red Star OS simply to avoid other operating systems as they believe that other operating systems contain backdoors which were actually created simply to spy on the country. Hence, they use their own Linux distribution which ensures them the highest standards of security and usability.
But to counter this idea, the security analysts of the Hacker House company claims that the exposure of North Korea’s OS vulnerability was timed to “mark Red Star’s anniversary leak”. As they found a severe vulnerability that could easily allow any hacker or attacker to remotely gain access to the computers running the Red Star OS, just by tricking users into clicking on a hyperlink.
So, now it is clearly visible that how the Red Star OS is secure, as a simple link can allow any hacker or attacker to remotely gain access to the computers running the Red Star OS. Once compromised, it is simple to install malware or steal data from the computers on which it is running.
The failure is actually detected in the browser used by Red Star OS, the Naenara, which is based on Firefox. By causing users to click on a simple link, the door is opened to attackers who can then easily perform all the desired operations they want.
According to the security firm Hacker House “Whilst probing for vulnerabilities it was noticed that registered URL handlers were passed to a command-line utility “/usr/bin/nnrurlshow”. This application (aside from having null ptr de-refs and other cute bugs) takes URI arguments for registered URI handlers when handling application requests such as “mailto” and “cal”. Naenara doesn’t sanitize the command line when handling these URI argument requests and as such you can trivially obtain code execution by passing malformed links to the nnrurlshow binary”.
The problem is, as you can read, in the way that Naenara treats the links and parameters that it receives on those same links. But, this is not the first security flaw that security analysts have find out about the Red Star, nor it is the most compromising, but it does show that despite all the advertising this is a flawed system like any other system.
So, now it is clear that the country North Korea which claims that its Red Star OS is fully protected against its enemies is now turned to be false. As they have created a system that is vulnerable to them.