Computer scientists at Graz University of Technology have uncovered a new security vulnerability that could enable unauthorized surveillance of internet users' online activities. 

SnailLoad: New Loophole Found That Could Enable Spying

According to the researchers, this loophole, known as "SnailLoad," bypasses conventional data protection measures such as firewalls, VPN connections, and browser privacy modes.

Unlike traditional methods involving malware or data interception, SnailLoad exploits fluctuations in internet connection speed to track users' actions online. This method does not require deploying malicious code, making it particularly insidious. 

The researchers at the Institute of Applied Information Processing and Communication Technology (IAIK) noted that the vulnerability hinges on monitoring the latency variations that occur during the transfer of seemingly innocuous files from attacker-controlled servers to unwitting victims.

Stefan Gast from IAIK explained that every online activity leaves a distinct latency pattern similar to a unique fingerprint. When a user interacts with websites, watches videos, or engages in video calls, the latency fluctuations pattern reflects the content being accessed.

By analyzing these patterns, attackers can reconstruct the sequence of a victim's online actions. The technique involves pre-collecting latency fingerprints of popular websites and YouTube videos.

The researchers identified users' activities during experiments by correlating observed latency patterns with the stored fingerprints. This approach effectively circumvents conventional security measures blind to such subtle indicators.

Daniel Gruss, another researcher involved in the study, noted that the success rate of the SnailLoad attack can be remarkably high, especially under conditions where internet speeds are slower and data volumes are higher.

Read Also: Change Healthcare Begins Notifying Hospitals, Customers Who Had Data Exposed in Massive Cyberattack

98% Accuracy

During tests, the researchers achieved up to 98% accuracy in identifying activities like video consumption, albeit with slightly lower success rates for simpler web browsing activities.

Gruss warned that the loophole is exceptionally difficult to mitigate. Traditional fixes like software updates or firewall adjustments are ineffective against a method that exploits inherent properties of internet traffic dynamics. 

According to Gruss, the potential countermeasure of deliberately slowing down internet connections in a randomized manner could degrade the user experience, particularly for real-time applications such as video conferencing and online gaming.

The implications of SnailLoad extend beyond individual privacy concerns to a broader impact on cybersecurity strategies. The Graz University team advocates for heightened awareness and research into more robust defenses against such sophisticated tracking methods. 

Gast and Gruss' team has established a website outlining SnailLoad. They plan to present their scientific paper on this vulnerability at the upcoming Black Hat USA 2024 and USENIX Security Symposium conferences.

Related Article: Indonesia Shuts Down Over 2 Million Illegal Online Gambling Websites, Exposing Deadly $2 Billion Underground Industry