SnailLoad Can Track You Through Your Online Behavior
Graz University of Technology researchers discovered a new security vulnerability, SnailLoad, that monitors internet speed of the victim to track the online activity.
Such vulnerability can bypass well-known security tools, such as firewalls, Virtual private networks (VPNs), and private browsing modes.
Covert Surveillance
The research paper conducted by the Institute of Applied Information Processing and Communication Technology (IAIK) at the university “Exploiting Remote Network Latency Measurements without JavaScript”, showed that SnailLoad has a new way of spying by infiltrating any device without the need to use malware, making it hard and complicated to be detected through regular security programs.
The process of the attack is simple, yet sophisticated. It all starts when a user downloads a file that seems to be not a harmful one. The attack could happen when a user enters a compromised website or clicks on an ad that includes the downloaded file.
Once stage one is finished, the attacker will be able to reduce the speed of the file download, enabling them to track any delays in the user’s internet connection. The slower the file download is, the more the attacker will be able to access the data.
Digital Fingerprints Tracking Behavior
Stefan Gast, a researcher from IAIK, detailed the attack process by explaining that various online activities, such as visiting websites, watching videos, or even having video chats could have an impact on the internet speed depending on the content. Additionally, each online activity generates a distinctive fingerprint based on the size of the data sent to the server. So, by analyzing these changes related to the speed, attackers will be able to know what the victim is doing online.
SnailLoad’s Effectiveness
To test of SailLoad’s effectiveness collected latency fingerprints from YouTube and various popular websites. They could identify which videos were watched as well as what websites were visited just by matching patterns.
The results showed to be 98% successful on YouTube and around 63% on basic websites. For his part, Daniel Gruss, a researcher from IAIK mentioned that these attacks worked better when using larger amount of data and slower internet connections.
Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Cybersecurity sections to stay informed and up-to-date with our daily articles.