Researchers at Graz University of Technology have unveiled a new browser-side channel attack named FROST. This method can reveal visited websites and opened desktop applications by exploiting standard browser features, as reported by Tech Radar.The FROST attack leverages the Origin Private File System (OPFS), a browser feature, to measure Solid-State Drive (SSD) access speeds. This allows attackers to infer user activity, such as visited websites and launched desktop applications. While the attack has limitations—requiring the victim's activity and browser to be on the same SSD, the creation of a large file to bypass the cache, and potential blocking if the browser profile is in RAM—it highlights how modern browser advancements increase the attack surface for surveillance.Companies like Google, Microsoft, and Adobe are developing more complex in-browser applications, which could potentially be exploited by such techniques. The researchers noted that Firefox's storage limits per website make the attack more difficult on that specific browser.Source: Tech Radar
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




