They discover a security threat that puts online privacy at risk

A vulnerability that bypasses firewalls and VPNs

A team of researchers from the Graz University of Technology has identified a worrying security vulnerability that affects all Internet connections and devices. This vulnerability, known as ‘SnailLoad’, allows cybercriminals to spy on users’ online activities, including visiting websites, watching videos and even video calls. Most disturbingly, this exploit can bypass common security protocols such as firewalls and VPNs, posing a significant risk to online privacy.

Taking advantage of connection speed to spy

The attack works by monitoring fluctuations in the target user’s Internet speed. When you download a file from a malicious server, it initiates a slow transfer that allows attackers to control connection speed, giving them granular access to private information. This file does not contain malicious code, making it difficult to detect by security software.

Impact on online privacy

Researchers showed that the attack has a 98% success rate when spying on users watching videos, being especially effective with slower connections and larger videos. Although browsing using less data is less accurate, attackers could improve their models with more data, which would pose an imminent threat to online privacy.

Challenges in vulnerability mitigation

Rectifying this vulnerability represents a significant challenge, as proposed solutions, such as artificially slowing down Internet connections, would have an adverse impact on live streaming and online gaming. Security experts urge users to keep their operating systems and software up to date, avoid downloading files from unknown sources, and be on the lookout for any suspicious activity on their devices.

Cybersecurity awareness and good practices

Awareness and adoption of good cybersecurity practices are crucial to mitigate the risks posed by this disturbing vulnerability. The researchers will present the scientific article on this security breach at the Black Hat USA 2024 and USENIX Security Symposium conferences that take place in August.

Related posts

France’s centrist and progressive parties are struggling to form a united front after parliamentary elections

Meghan Markle and Letizia Ortiz: Two Divergent Royal Trajectories

Felipe and Letizia’s patience with Froilán and Victoria Federica has run out