“The Spy in the Sandbox”, a new attack which can easily hack eight out of ten computers
The Cornell University researchers, Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan and Angelos D. Keromytis, state that ‘The Spy in the Sandbox’ is the first micro-architectural side-channel attack which runs entirely within the browser. Unlike other exploits, the potential hacker does not need to install any special software or inject any malware into the victim’s computer to carry out the Spy in the Sandbox attack.
The researchers state “Our attack, which is an extension of the last-level cache attacks of Yarom et al., allows a remote adversary recover information belonging to other processes, other users and even other virtual machines running on the same physical host as the victim web browser. We describe the fundamentals behind our attack, evaluate its performance using a high bandwidth covert channel and finally use it to construct a system-wide mouse/network activity logger. Defending against this attack is possible, but the required countermeasures can exact an impractical cost on other benign uses of the web browser and of the computer.”
The exploit records the time it takes for the victim’s PC to run various operations in the cache memory, using the browser’s own high-resolution timers. By studying how long memory accesses take, the hacker can get an accurate picture of a user’s browser history, keystrokes and mouse movements.
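The timing measurements described above are only as precise as the timer the browser exposes to script. The JavaScript below is an added example, not code from the paper or the researchers: it estimates the granularity a script can observe from a clock and shows the effect of rounding that clock down, which is assumed here as one possible countermeasure since the article names none. All function names are hypothetical and the fake clock is constructed.

```javascript
// Added example (not from the paper). All names here are hypothetical.
// A "clock" is any function returning a timestamp in microseconds.

// Estimate a clock's granularity: spin until the reported value changes and
// record the size of each jump. The smallest jump is the finest step that
// script can observe through this clock.
function timerGranularity(clock, samples = 100, maxSpins = 1e6) {
  const steps = [];
  for (let i = 0; i < samples; i++) {
    const start = clock();
    let now = start;
    for (let spins = 0; now === start && spins < maxSpins; spins++) {
      now = clock();
    }
    if (now !== start) steps.push(now - start);
  }
  if (steps.length === 0) return null; // clock never advanced within maxSpins
  steps.sort((a, b) => a - b);
  return { minUs: steps[0], medianUs: steps[steps.length >> 1] };
}

// Countermeasure sketch (assumption): round a clock down to a multiple of
// resolutionUs so that finer timing differences are not visible to script.
function coarsen(clock, resolutionUs) {
  return () => Math.floor(clock() / resolutionUs) * resolutionUs;
}

// Compare the measured step against a floor chosen by the defender.
function meetsPolicy(clock, policyFloorUs) {
  const g = timerGranularity(clock);
  return g !== null && g.minUs >= policyFloorUs;
}

// Constructed clock for an offline run: advances 1 microsecond per read.
function makeFakeClock() {
  let t = 0;
  return () => (t += 1);
}

// In a browser or Node, measure the real timer (milliseconds to microseconds).
function measureRealTimer() {
  return timerGranularity(() => performance.now() * 1000);
}
```

Calling `measureRealTimer()` in the browser console reports the step size of `performance.now()` for that browser build and configuration.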
The researchers state that the exploit cannot steal any passwords or data but rather records the data inflow, which a potential hacker can then use to clone the user’s keystrokes and use the browser history for financial theft or malicious purposes.
A side-channel attack is any attack that is based on interpreting the information gained from what’s going on inside a computer and then using the information for malicious purposes.
You can download the research paper on The Spy in the Sandbox here (PDF).