New SpookJS Attack Bypasses Google Chrome's Site Isolation Protection (Security News, September 2021)
A newly discovered side-channel attack demonstrated on modern processors can be weaponized to successfully overcome Site Isolation protections weaved into Google Chrome and Chromium browsers and leak sensitive data in a Spectre-style speculative execution attack.
Dubbed "Spook.js" by academics from the University of Michigan, University of Adelaide, Georgia Institute of Technology, and Tel Aviv University, the technique is a JavaScript-based attack that specifically aims to get around the barriers Google put in place after the Spectre and Meltdown vulnerabilities came to light in January 2018. Those barriers are meant to prevent leakage by ensuring that content from different domains is never loaded into the same address space.
"An attacker-controlled webpage can know which other pages from the same websites a user is currently browsing, retrieve sensitive information from these pages, and even recover login credentials when they are autofilled," the researchers said, adding "The attacker can retrieve data from Chrome extensions if a user installs a malicious extension."
"These attacks use the speculative execution features of most CPUs to access parts of memory that should be off-limits to a piece of code, and then use timing attacks to discover the values stored in that memory," Google noted.
With the feature enabled, Chrome versions 67 and above load each website in its own process, which prevents attacks from crossing process boundaries and therefore from crossing between sites.
In response to the findings, the Chrome Security Team, in July 2021, extended Site Isolation to ensure that "extensions can no longer share processes with each other," in addition to applying it to "sites where users log in via third-party providers."
Source: http://feedproxy.google.com/~r/TheHackersNews/~3/6BCg_n44FJA/new-spookjs-attack-bypasses-google.html