Blisk Browser Exposes 2.9 Million Records in a 3.4 GB Data Leak
- The company behind the Blisk browser has been exposed to malpractice and unsafe data handling.
- High-profile users from around the world have had their emails and IP addresses exposed.
- The data was unencrypted, stored online without protection, and stayed up for at least a week.
Researchers from the vpnMentor team have discovered a data leak of 3.4 GB, containing over 2.9 million records. The leak was the result of a misconfiguration that happened on the systems of the creator of the “Blisk” browser, a specialized web browser that is used by web developers, UX designers, and web engineers. The worst part according to researchers Noam Rotem and Ran Locar who discovered the data, is that it appears to be a collection of information that the browser gathered from the user systems, although it shouldn’t have.
The discovery was made on December 2, 2019, and the owner was contacted two days after that. Finally, the database that contained the user data was secured on December 9, 2019, so we have at least a full week of exposure. As for what information was contained in the entries, this includes the following:
- Email addresses
- IP addresses
- User-Agent details
One of the exposed email addresses was registered by the Californian government, so the user was a high-profile individual or entity. Of course, there are users from various countries in the data, including but not limited to Germany, France, the United Kingdom, China, Italy, Russia, Japan, Australia, Brazil, Czech Republic, South Africa, and Hungary. Blisk boasts about their clientele on their website, claiming that professionals working for NASA, Microsoft, Apple, eBay, and UNICEF are using their specialized browser.
If the exposed email addresses were to fall into the wrong hands, the compromised Blisk users would have to sustain spam email, phishing, and malware infection attempts. The IP addresses would enable attackers to scan for open ports or ping the target system to check what OS or services are running there. As for the user agent data, this would enable the attackers to develop custom exploits if they’re determined enough to hit the particular target. In the case of web developers, the user agent details would give away what dev tools they are using, so hackers could potentially try to introduce a supply chain backdoor.
If you are using Blisk, you should better contact the company and ask for explanations about what happened and how they are planning to address the arising exposure problems. The company has collected your data in an improperly aggressive manner, didn’t bother to encrypt it, and finally failed to protect it by leaving it on a passwordless online database.