• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 11th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

Spectre attack variant can be remotely mounted to extract sensitive data

July 27th, 2018 Waqas Security 0 comments
Spectre attack variant can be remotely mounted to extract sensitive data
Share on FacebookShare on Twitter

What we know so far about Spectre attacks is that it relies upon execution of malicious code. The code is executed on computers having speculative-execution design flaws in processor chip; once a device is compromised, it becomes possible to obtain sensitive data such as passwords, PINs, and keys. Such data is usually stored in the memory of software installed on the device.

According to security researchers, there is a way to exploit the processor flaws over a network connection. The technique, dubbed by researchers as NetSpectre, can help attackers in extracting private information from any device that is connected to the network without execution of malicious code, by exploiting the branch prediction mechanisms. This technique makes billions of computers and gadgets at risk of exploitation to some extent.

See: Spectre bug protection forcing Chrome to use 10 to 13% more RAM

The newly discovered [PDF] Spectre-class CPU attack certainly marks an evolution in Spectre attacks since it eradicates the requirement of downloading and running malicious code or accessing a website that runs malicious JavaScript code on a targeted machine. Using NetSpectre, an attacker can very conveniently launch the attack by bombarding the computer network ports to get the desired results.

The only potential shortcoming of this technique is that the exfiltration speed is comparatively slower with an approximate speed of 15/bits per hour. Researchers could reach a higher speed of exfiltration (up to 60bitsper hour) by targeting a CPU’s AVX2 module, but the model is only specific to Intel CPUs.

This shortcoming makes NetSpectre more like a theoretical threat than something possessing real danger for organizations and users. Since the attack is linked to the Spectre v1 vulnerability classified as CVE-2017-5753, so all the CPUs that are vulnerable or have been affected by Spectre v1 will be at risk.

Researchers claim that the purpose of this research was to prove that Spectre attacks doesn’t merely rely upon “local code execution” but can also be “mounted remotely.”

According to Michael Schwartz, one of the researchers, “Spectre does not necessarily require the cache to leak values.” Schwartz further added that the data leakage should be worrisome but the exfiltration speed is most certainly the biggest downside of NetSpectre.

“Luckily, the speed is quite limited, which makes this attack mainly interesting for targeted attacks on high-value targets. If the system is fully patched against Spectre.. the attack should be prevented. However, we are still at the beginning of understanding how Spectre gadgets can look like, so this is not a problem that is trivial to solve,” stated Schwartz.

According to the official statement from Intel:

NetSpectre is an application of Bounds Check Bypass (CVE-2017-5753) and is mitigated in the same manner – through code inspection and modification of software to ensure a speculation stopping barrier is in a place where appropriate. We provide guidance for developers in our whitepaper, Analyzing Potential Bounds Check Bypass Vulnerabilities, which has been updated to incorporate this method. We are thankful to Michael Schwarz, Daniel Gruss, Martin Schwarzl, Moritz Lipp, & Stefan Mangard of the Graz University of Technology for reporting their research.

Full details of this research are available in the paper titled “NetSpectre: Read Arbitrary Memory over Network [PDF].”

Image credit: Depositphotos

  • Tags
  • CPU
  • Intel
  • internet
  • NetSpectre
  • security
  • Spectre
  • Technology
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article 364 inmates hacked prison tablets to steal almost $225,000
Next article ICO hacked: Hackers steal $8 million from KICKICO Blockchain network
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
2 scraped LinkedIn databases with 500m and 827m records sold online

2 scraped LinkedIn databases with 500m and 827m records sold online

Unpatched vulnerable VPN servers hit by Cring ransomware

Unpatched vulnerable VPN servers hit by Cring ransomware

Microsoft Exchange server, Teams, Zoom, Chrome pwned at Pwn2Own

Microsoft Exchange server, Teams, Zoom, Chrome pwned at Pwn2Own

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
2 scraped LinkedIn databases with 500m and 827m records sold online
Cyber Crime

2 scraped LinkedIn databases with 500m and 827m records sold online

Facebook ads dropped malware posing as Clubhouse app for PC
News

Facebook ads dropped malware posing as Clubhouse app for PC

Hackers leak data, 600k card info from Swarmshop cybercrime forum
Cyber Crime

Hackers leak data, 600k card info from Swarmshop cybercrime forum

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us