June 24, 2024 at 12:25PM
Researchers from Graz University of Technology have discovered a new method, SnailLoad, which enables remote attackers to infer websites and content viewed by a user without direct access to their network traffic. The attack is efficient and does not require a person-in-the-middle position or code execution on the victim’s system. Possible mitigation is difficult due to the way the internet works.
Summary:
Researchers from Graz University of Technology in Austria have discovered a new attack method called SnailLoad, which allows remote attackers to infer the websites and content viewed by a user without directly accessing their network traffic. This side-channel attack is more efficient and does not require a person-in-the-middle position or code execution on the victim’s system. The attacker conducts latency measurements of targeted websites and YouTube videos being viewed by the victim, creates a fingerprint for each, and then gets the victim to load content from a malicious server. By comparing the latency data obtained with the fingerprint, the attacker can infer which videos or websites the victim is viewing. The attack leverages bandwidth bottlenecks to make latency measurements and can achieve an accuracy ranging between 37% and 98%. The researchers will present their findings at the Black Hat USA 2024 cybersecurity conference and have published a paper and set up a website providing details and a demo of the attack.
Let me know if you need any more information.