Security loophole lets hackers spy on people and affects every device and internet connection
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A new security loophole could let hackers spy on anyone – and every internet connection and device is vulnerable, according to the researchers who found it.
The hack is known as ‘SnailLoad’ and appears to bypass all security measures such as firewalls and VPN tools.
It works by monitoring changes in the speed of a user’s internet connection – not requiring any kind of code or access to a machine.
That is enough to allow hackers to track users’ online activity in detail, the researchers behind it say.
To be hit by the ‘SnailLoad’ attack, users need only to download a seemingly harmless and small file from the hacker’s server. That might be hidden inside a malicious website, for instance.
That file does not in itself contain malicious code, meaning that it will not be spotted by security software. But the transfer of the file is extremely slow – which means that attackers can monitor how fast the user’s internet connection is.
That is enough for hackers to gain detailed access. It allows attackers to spot the “fingerprint” of a connection: to transfer a file, it is broken up into a number of small pieces, but that leaves behind a unique code that can then be spotted later.
“When the victim accesses a website, watches an online video or speaks to someone via video, the latency of the internet connection fluctuates in a specific pattern that depends on the particular content being used,” said Stefan Gast, from Graz University of Technology, where the team who found the vulnerability are based.
The researchers behind the attack said they were able to spy on test users watching videos with a 98 per cent success rate. That was more successful if their internet connections were slow and the videos were large, they said.
As such, that means that browsing using less data is also less accurate – researchers could only spy on users looking at basic websites with a 63 per cent success rate. But attackers would be able to improve their models with more data, making them even better at spying on even more difficult browsing.
There is no easy way to fix the security issue, researchers said.
“The only option would be for providers to artificially slow down their customers’ internet connections in a randomised pattern,” said Daniel Gruss, also from Graz University of Technology’s Institute of Applied Information Processing and Communication Technology. But slowing down those connections would also mean that there would be delays in live streams or online gaming.
The team are to publish a paper describing their findings at a devoted website.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments