A team of researchers has demonstrated that attackers can launch browser-based side-channel attacks that use only HTML and CSS. They even tested this technique successfully on a wide range of platforms, including Apple’s recently introduced M1 chip.
What was discovered?
- The analysis focused on Prime+Probe, a cache side-channel attack technique that can identify which cache sets the target accesses and use that to infer potentially valuable information.
- The attack method has been successfully tested against hardened browser environments such as Tor, Chrome Zero, and DeterFox on devices with AMD, Intel, Samsung, and Apple chips.
- Because cache attacks cannot be stopped by reducing timer resolution, any secret-bearing process that shares cache resources with a browser connecting to suspicious websites is at risk.
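To make the Prime+Probe idea concrete, the following is an added example, not the researchers' code: a toy model of a set-associative LRU cache that counts evictions instead of measuring time. The cache geometry, addresses and both victim functions are constructed for illustration; the second victim touches every table line and shows why secret-independent memory access leaves nothing to infer.

```python
from collections import OrderedDict

LINE, SETS, WAYS = 64, 16, 4   # constructed geometry: line size, sets, ways

class Cache:
    """Toy set-associative cache with LRU replacement."""
    def __init__(self):
        self.sets = [OrderedDict() for _ in range(SETS)]

    def access(self, addr):
        """Touch addr; return True on a hit, False on a miss (line is filled)."""
        line = addr // LINE
        s = self.sets[line % SETS]
        if line in s:
            s.move_to_end(line)
            return True
        if len(s) >= WAYS:
            s.popitem(last=False)          # evict the least recently used line
        s[line] = None
        return False

def eviction_set(idx, base=0x100000):
    """WAYS observer-owned addresses that all map to cache set idx."""
    return [base + (way * SETS + idx) * LINE for way in range(WAYS)]

def prime(cache):
    """Fill every set with the observer's own lines."""
    for idx in range(SETS):
        for addr in eviction_set(idx):
            cache.access(addr)

def probe(cache):
    """Re-access the observer's lines; a miss means something evicted one."""
    return [sum(not cache.access(a) for a in eviction_set(idx))
            for idx in range(SETS)]

def victim(cache, secret):
    """Secret-dependent table lookup: the set touched depends on the secret."""
    cache.access(0x200000 + secret * LINE)

def victim_constant(cache, secret):
    """Hardened lookup: touches every table line regardless of the secret."""
    for i in range(SETS):
        cache.access(0x200000 + i * LINE)

def observe(secret, victim_fn=victim):
    """Return the cache sets in which the probe phase saw misses."""
    cache = Cache()
    prime(cache)
    victim_fn(cache, secret)
    return [i for i, misses in enumerate(probe(cache)) if misses]
```

With the secret-dependent victim, `observe(5)` reports only set 5; with `victim_constant`, every secret produces the same observation.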
Other recent side-channel attacks
- Last week, experts uncovered a new side-channel attack targeting Intel processors, including the latest models such as Skylake and Coffee Lake, to gather sensitive data.
- A researcher found working exploits for a three-year-old side-channel vulnerability, Spectre (CVE-2017-5753).