Security News > 2021 > October > New Attack Lets Hackers Collect and Spoof Browser's Digital Fingerprints
A "Potentially devastating and hard-to-detect threat" could be abused by attackers to collect users' browser fingerprinting information with the goal of spoofing the victims without their knowledge, thus effectively compromising their privacy.
Academics from Texas A&M University dubbed the attack system "Gummy Browsers," likening it to a nearly 20-year-old "Gummy Fingers" technique that can impersonate a user's fingerprint biometrics.
"Then, orchestrates a browser on his own machine to replicate and transmit the same fingerprinting information when connecting to ????, fooling to think that is the one requesting the service rather than ????.".
Browser fingerprinting, also called machine fingerprinting, refers to a tracking technique that's used to uniquely identify internet users by gathering attributes about the software and hardware of a remote computing system - such as the choice of browser, timezone, default language, screen resolution, add-ons, installed fonts, and even preferences - as well as behavioral characteristics that emerge when interacting with the web browser of the device.
Thus in the event the website populates targeted ads based on only the users' browser fingerprints, it could result in a scenario where the remote adversary can profile any target of interest by manipulating their own fingerprints to match that of the victim for extended periods of time, all the while the user and the website remain oblivious to the attack.
In experimental tests, the researchers found that the attack system achieved average false-positive rates of greater than 0.95, indicating that most of the spoofed fingerprints were misrecognized as legitimate ones, thereby successfully tricking the digital fingerprinting algorithms.
News URL
Related news
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)