Cornell University researchers develop “The Spy in the Sandbox” the new attack which can easily hack 8 out of 10 computers

A group of Columbia University security researchers has developed a new way to hack a computer using JavaScript. The Cornell University researchers have named the exploit “the spy in the sandbox” and state that it can hack any computer running on an Intel microprocessor with a web browser that supports HTML5.

The Cornell University researchers, Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan and Angelos D. Keromytis, state that ‘The Spy in the Sandbox’ is the first micro-architectural side-channel attack that runs entirely within the browser. Unlike other exploits, the attacker does not need to install any special software or inject any malware on the victim’s computer to carry out the spy in the sandbox attack.

The exploit requires the attacker to lure a victim to an untrusted web page whose content the attacker controls. Once the victim is on the specially crafted website, the JavaScript on the page runs code that can observe and record the flow of data into and out of the victim’s PC cache. The cache is the part of the CPU that serves as the intermediary between the high-speed central processor and the lower-speed random access memory, or RAM.

The researchers state: “Our attack, which is an extension of the last-level cache attacks of Yarom et al., allows a remote adversary to recover information belonging to other processes, other users and even other virtual machines running on the same physical host as the victim web browser. We describe the fundamentals behind our attack, evaluate its performance using a high bandwidth covert channel and finally use it to construct a system-wide mouse/network activity logger. Defending against this attack is possible, but the required countermeasures can exact an impractical cost on other benign uses of the web browser and of the computer.”

The exploit then measures, using the browser’s own high-resolution timers, how long the victim’s PC takes to perform various memory operations that are served from, or miss in, the cache. By studying these differences in memory access time, the attacker can build an accurate picture of the user’s browser history, keystrokes and mouse movements.
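The measurement described above is only as precise as the clock the browser hands to scripts, which is why reducing timer resolution is the countermeasure most discussed for this attack and the one browsers adopted after the paper appeared. The JavaScript below is an added example, not code from the paper or from the article, that models that countermeasure: every timestamp is quantised to a fixed granularity, optionally with random jitter, so a sub-granularity difference such as a cache hit versus a cache miss is no longer visible. The access latencies (50 ns hit, 200 ns miss) and the 5 µs and 100 µs granularities are constructed, illustrative values, not measurements.

```javascript
// Added example (not from the paper or the article). Models the timer-coarsening
// countermeasure: instead of a nanosecond-accurate clock, scripts receive
// timestamps quantised to a fixed granularity, optionally jittered, so that
// cache-hit vs. cache-miss latency differences fall below what can be observed.
// All timestamps are integers in nanoseconds to avoid floating-point rounding.
const NS_PER_US = 1000;

// Quantise a timestamp to a multiple of `resolutionNs`.
// `rand` returns a value in [0, 1) and adds jitter of up to one quantum;
// the default of 0 gives plain deterministic truncation.
function coarsen(tNs, resolutionNs, rand = () => 0) {
  const jitter = Math.floor(rand() * resolutionNs);
  return Math.floor((tNs + jitter) / resolutionNs) * resolutionNs;
}

// Elapsed time as a script would see it through a clock of the given resolution.
function measureElapsed(startNs, endNs, resolutionNs, rand = () => 0) {
  return coarsen(endNs, resolutionNs, rand) - coarsen(startNs, resolutionNs, rand);
}

// Constructed sample: one memory access served from cache (about 50 ns) and one
// that misses to DRAM (about 200 ns). Illustrative numbers, not measured ones.
const SAMPLE_ACCESSES = [
  { label: 'cache hit',  startNs: 1000000000, endNs: 1000000050 },
  { label: 'cache miss', startNs: 1000000000, endNs: 1000000200 },
];

// Can a script using a clock of this resolution tell the two accesses apart?
function distinguishable(resolutionNs, rand = () => 0) {
  const [hit, miss] = SAMPLE_ACCESSES.map(a =>
    measureElapsed(a.startNs, a.endNs, resolutionNs, rand));
  return hit !== miss;
}

// Compare a 1 ns clock with the 5 us and 100 us granularities used here as
// round, assumed values for what browsers moved to.
function report() {
  return [1, 5 * NS_PER_US, 100 * NS_PER_US].map(res => ({
    resolutionNs: res,
    distinguishable: distinguishable(res),
  }));
}

for (const row of report()) {
  console.log(`resolution ${row.resolutionNs} ns: hit/miss distinguishable = ${row.distinguishable}`);
}
```

The jitter hook matters for the design: quantisation on its own is a partial mitigation, because a script that repeats a measurement many times can average the rounding away, which is why browsers combined coarser clocks with random jitter and later restricted high-resolution timers to cross-origin-isolated pages. Those stricter settings are the “impractical cost” the authors refer to, since they also degrade legitimate uses such as animation timing and performance profiling.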

The researchers state that the exploit cannot steal passwords or data directly; instead it records activity patterns, which a potential hacker could then use to replicate the user’s keystrokes or exploit the browser history for financial theft or other malicious purposes.

A side-channel attack is any attack that infers sensitive information from observable side effects of a computer’s operation, such as timing, rather than from the data itself, and then uses that information for malicious purposes.

You can download the research paper on The Spy in the Sandbox here (PDF).
