New attack named SnailLoad allows a remote attacker to infer websites and videos viewed by a user without direct access to network traffic.
June 24, 2024 By Eduard Kovacs
A team of researchers from the Graz University of Technology in Austria has disclosed the details of a new attack method that allows a remote attacker to infer websites and other content viewed by a user without needing direct access to their network traffic.
Other researchers previously showed that websites accessed by users and even the actions they perform within applications can be inferred by an attacker, but this often requires a person-in-the-middle (PitM) attack or hacking the target’s Wi-Fi connection from physical proximity.
The new side-channel attack method discovered by the TU Graz researchers, named SnailLoad, is more efficient as it does not require a PitM position, JavaScript, or any other code execution on the victim’s system.
