According to the researchers, the technique is effective against about 80 percent of desktop machines, they explained that it could be used to hack PC running a recent model Intel CPU, such as a Core i7, and any browser supporting HTML5.
“We present the first micro-architectural side-channel attack which runs entirely in the browser. In contrast to other works in this genre, this attack does not require the attacker to install any software on the victim’s machine — to facilitate the attack, the victim needs only to browse to an untrusted webpage with attacker-controlled content. This makes the attack model highly scalable and extremely relevant and practical to today’s web, especially since most desktop browsers currently accessing the Internet are vulnerable to this attack. “
The researchers urge IT giants Apple, Google, Microsoft and Mozilla upgrade their browsers to mitigate the spy in the Sandbox attack, there is the concrete risks that it could be carried out by criminal crews in the wild, because it doesn’t require specific effort:
“This is a very low-cost attack which would probably be used by small-time bad guys – the same creeps who bombard you with pop-up ads will probably add this to their popups so they can track you while they distract you,” said Oren.
The research conducted by the experts is the continuation of another interesting study related the last-level cache attacks that could be carried out to recover information belonging to other processes, other users and even other virtual machines running on the same physical host as the victim’s web browser.
“Our attack, which is an extension of the last-level cache attacks of (Adelaide University’s) Yuva Yarom, allows a remote adversary recover information belonging to other processes, other users and even other virtual machines running on the same physical host as the victim web browser,” state the researchers.
The cache is impacted for every access that is faster than others, data retrieved with this technique allow the attacker to map the pattern of memory accesses to keystrokes and mouse movements.
The researchers explained that the exploit cannot steal any passwords or data, but it can be used to spy on victim’s activity and an attacker can use the browser history for financial theft or other malicious purposes.
Dr Oren and his team will not release the exploit code until the browsers are patched, meantime close unused tabs when you are using on something important.
“In the meantime the best suggestion I have for end-users is: close all non-essential browser tabs when you’re doing something sensitive on your computer,” he says.