A newly discovered side-channel attack demonstrated on modern processors can be weaponized to successfully overcome Site Isolation protections weaved into Google Chrome and Chromium browsers and leak sensitive data in a Spectre-style speculative execution attack.
Dubbed “Spook.js” by academics from the University of Michigan, University of Adelaide, Georgia Institute of Technology, and Tel Aviv University, the technique is a JavaScript-based line of attack that specifically aims to get around barriers Google put in place after Spectre and Meltdown vulnerabilities came to light in January 2018, thereby potentially preventing leakage by ensuring that content from different domains is not shared in the same address space.
“An attacker-controlled webpage can know which other pages from the same websites a user is currently browsing, retrieve sensitive information from these pages, and even recover login credentials (e.g., username and password) when they are autofilled,” the researchers said, adding “the attacker can retrieve data from Chrome extensions (such as credential managers) if a user installs a malicious extension.”
As a consequence, any data stored in the memory of a…
http://feedproxy.google.com/~r/TheHackersNews/~3/6BCg_n44FJA/new-spookjs-attack-bypasses-google.html