NetCAT Attack: Intel Server-Grade CPUs Exploited to Leak Sensitive Data
CYBER NEWS

NetCAT Attack: Intel Server-Grade CPUs Exploited to Leak Sensitive Data

1 Star2 Stars3 Stars4 Stars5 Stars (Ingen stemmer endnu)
Loading ...

Cybersecurity researchers have outlined a new type of attack involving Intel server-grade processors since 2012. The attack is based on a vulnerability named NetCAT (Network Cache Attack).

The vulnerability could allow sniffing data by mounting a side-channel attack over the network. The discovery of the NetCAT attack comes from researchers from the VUSec group at Vrije Universiteit Amsterdam.




NetCAT shows that network-based cache side-channel attacks are a realistic threat,” forskerne forklare. Cache attacks are not uncommon and they have been used to leak sensitive data on a local setting. NetCAT only shows how this threat extends to untrusted clients over the network. Hvis udnyttet, NetCAT can leak sensitive information such as keystrokes in a SSH session from remote servers with no local access, hedder det i rapporten.

What is the cause of NetCAT?

The vulnerability stems from a recent Intel feature called DDIO, which grants network devices and other peripherals access to the CPU cache. Designed with the idea to be a performance optimization in fast networks, DDIO has severe security implications, note the researchers. These issues expose servers in local untrusted networks to remote side-channel attacks.

Through their work, the researchers show how NetCAT can break the confidentiality of a SSH session from a third machine. Vigtigst, no malicious software running on the remote server is needed, as the attacker is doing this by sending network packets to the remote server.

More about the attack:

With NetCAT, we can leak the arrival time of the individual network packets from a SSH session using a remote cache side channel. Why is this useful? In an interactive SSH session, every time you press a key, network packets are being directly transmitted. Som et resultat, every time a victim you type a character inside an encrypted SSH session on your console, NetCAT can leak the timing of the event by leaking the arrival time of the corresponding network packet. Nu, humans have distinct typing patterns. For eksempel, typing ‘s’ right after ‘a’ is faster than typing ‘g’ after ‘s’. Som et resultat, NetCAT can operate statical analysis of the inter-arrival timings of packets in what is known as a keystroke timing attack to leak what you type in your private SSH session.

Relaterede: TLBleed svaghed påvirker Intel processorer Efter Meltdown

It should be noted that in November 2018, two side-channel attacks were uncovered by security researchers -the so-called Portsmash side-channel vulnerability, og a GPU exploit. Portsmash is similar to previous cases like Meltdown.

By exploiting this bug hackers could hijack information from processes that are running in the same core. The demonstrated proof-of-concept code showed how it is possible to steal the private key during an OpenSSL session. The performed tests showcased that Intel Skylake and Kaby Lake are impacted by this.

As for the exploits regarding GPU cards, they could target individual end-users that use them in day-to-day activities as well as clusters that rely on GPUs for distributed computing.

Avatar

Milena Dimitrova

En inspireret forfatter og indhold leder, der har været med SensorsTechForum for 4 år. Nyder ’Mr. Robot’og frygt’1984’. Fokuseret på brugernes privatliv og malware udvikling, hun tror stærkt på en verden, hvor cybersikkerhed spiller en central rolle. Hvis almindelig sund fornuft giver ingen mening, hun vil være der til at tage noter. Disse noter senere kan blive til artikler!

Flere indlæg

Efterlad en kommentar

Din e-mail-adresse vil ikke blive offentliggjort. Krævede felter er markeret *

Frist er opbrugt. Venligst genindlæse CAPTCHA.

Del på Facebook Del
Loading ...
Del på Twitter Tweet
Loading ...
Del på Google Plus Del
Loading ...
Del på Linkedin Del
Loading ...
Del på Digg Del
Del på Reddit Del
Loading ...
Del på Stumbleupon Del
Loading ...