News

Researchers find Specter-like flaw in Safari that could reveal passwords

By admin
Spread the love

Researchers have discovered a flaw in Apple’s Safari web browser that could allow hackers to perform a Spectre-like attack by exploiting the speculative execution feature of Apple chips. This allows attackers to obtain login details of iOS and MacOS users, among other things.

The vulnerability, which the researchers Call iLeakage, would affect iPhones, iPads and iMacs released from 2020 onwards that contain Apple’s Arm-based A or M chip. The flaw allows hackers to exploit the speculative execution feature. This function is found in some SoCs and allows the chips to perform certain calculations before they are needed. This often makes the CPUs faster, but it also causes certain calculations to be leaked to the buffer cache. The leak allows hackers to read the leaked data from the cache.

Speculative execution is also central to, among other things, the Specter and Meltdown leaks that were discovered six years ago. Since then, browsers have implemented measures to prevent such attacks as much as possible, but it now appears for the first time that speculative execution attacks can also be carried out with Apple chips and via the Safari browser.

If attackers manage to lure users to a malicious website via the Safari browser, they can intercept sensitive data from the browser. The attackers can see the user data of the website they are currently visiting, but the data from the previous site remains for some time after leaving that site. Via the malicious website, attackers can therefore link users to a website from which they can intercept the data. For example, the researchers managed to use a proof-of-concept attack to view a Gmail inbox or YouTube viewing history. If the Safari browser automatically fills in the login information for these sites, the hackers can steal that info as well.

The research team does not know whether this attack has ever actually been exploited. The attack would leave few traces and is therefore virtually undetectable. The team does state that carrying out this attack requires a lot of technical knowledge. The rogue site also needs five minutes to profile visitors. If users leave the website immediately after visiting, they will most likely escape the dance. The researchers say they already informed Apple about the existence of the leak a year ago, but so far it has not been fixed. To PCMag however, let the tech company know that this leak will be fixed in the next software release.

The research team demonstrates how the vulnerability can be used to read the Gmail inbox.

You might also like
News

Android 14 beta brings support for a desktop mode

News

Good news for TSMC: its 3nm node will take flight in 2024 thanks to the push of these…

News

The most boring technology of the 21st century: Intel has only grown 5% since 2000

News

Google Password Manager can start sharing passwords with partners or children

News

PlayStation 5 beta update improves audio from DualSense controller

News

Rumor: Android 15 puts apps in ‘edge-to-edge’ mode by default