CyberManipal.

Tech news from MIST

Spook.js attack Bypasses Chrome's site isolation

Vulnerabilities
@AnirudhMurthy

Anirudh Murthy

September 14, 2021

Spook.js is a newly discovered side-channel attack that bypasses the Site Isolation protections built into Google Chrome and Chromium-based browsers to leak sensitive data in a Spectre-style attack. The technique is JavaScript-based and specifically aims to get around the barriers put in place to prevent such leakage. Under Site Isolation, the browser loads each website in its own process and thereby thwarts attacks between processes. Sometimes, however, the isolation safeguards do not separate two websites, which undermines the protection, and Spook.js exploits this design.

These attacks use the speculative execution features of most CPUs to access parts of memory that should be off-limits to a piece of code, and then use timing attacks to discover the values stored in that memory. An attacker-controlled webpage can learn which other pages from the same website a user is currently browsing, retrieve sensitive information, recover login credentials when they are auto-filled, and extract personally identifiable information displayed on the website as well as data from Chrome extensions.

In response, the Chrome Security Team extended Site Isolation to ensure that extensions can no longer share processes. On sites where users log in via third-party providers, the new setting, called Strict Extension Isolation, is enabled. This way, Site Isolation will not consolidate attacker-supplied code and potentially sensitive data into the same process, putting the data out of reach even for Spook.js, since it cannot cross process boundaries.

Abridged from The Hacker News

