Security News > 2022 > July > New Cache Side Channel Attack Can De-Anonymize Targeted Online Users

The cache-based targeted de-anonymization attack is a cross-site leak that involves the adversary leveraging a service such as Google Drive, Dropbox, or YouTube to privately share a resource with the target, followed by embedding the shared resource into the attack website.

The attack, in a nutshell, aims to unmask the users of a website under the attacker's control by connecting the list of accounts tied to those individuals with their social media accounts or email addresses through a piece of shared content.

The attacks, which are practical to exploit across desktop and mobile systems with multiple CPU microarchitectures and different web browsers, are made possible by means of a cache-based side channel that's used to glean if the shared resource has been loaded and therefore distinguish between targeted and non-targeted users.

"There are two main causes for differences in the observed side channel leakages between targeted and non-targeted users - a server-side timing difference and a client-side rendering difference," the researchers said.

"Knowing the precise identity of the person who is currently visiting a website can be the starting point for a range of nefarious targeted activities that can be executed by the operator of that website."

In a related development, MIT researchers last month revealed the root cause behind a website fingerprinting attack as not due to signals generated by cache contention but rather due to system interrupts, while showing that interrupt-based side channels can be used to mount a powerful website fingerprinting attack.

News URL

https://thehackernews.com/2022/07/new-cache-side-channel-attack-can-de.html