Scientists have uncovered four new technologies that can expose internet user’s browsing histories. The browsing history can be used by hackers to learn which website they have visited most.
These hacking techniques fall into the category of “history sniffing”, a concept dating back to the early 2000s.
However, the attacks are exhibited by the researchers from the University of California, San Diego in the US. It can track a user’s online activity in a matter of seconds and work over recent visions of major web browsers.
All of the attacks are worked on Google Chrome, according to researchers.
Two of the attacks are also worked on a range of other browsers like Mozilla Firefox, Microsoft Edge and various security research browsers.
Researchers said that only one browser that proved immune to all of the attacks is the Tor Browser. There is no chance of hacking because it doesn’t keep a record of browsing history in the first place.
Must Read: What Is Two-Steps Verification?
“ My hope is that the severity of some of our published attacks will push browser vendors to revisit how they handle history data, and I’m happy to see people from Google, Mozilla, and the broader World Wide Web Consortium (W3C) community already engage in this,“
The researcher said that most internet users are now aware of “phishing”, fake websites which say, banks, mimic to trick them into entering their personal details.
They said that the phisher can learn about their potential victim, the more likely the con is succeeded.
After an effective history sniffing attack, a criminal can convey out a smart phishing scheme, that automatically matches every victim to a scam page corresponding to their actual bank.
The phishers preload the attack code with the list of target banking sites and hide it in, for example, a normal looking website. When a victim goes to an attacking page, the code runs through this list, sniffing or testing the victim’s browser for signs that it has been used to visit every targeted website.
When one of the websites tests positive, the phisher then redirects the victim to the corresponding faked version.
The history sniffing attacks have reached the rates of thousands of URLs trialed per second. It is allowing attackers to quickly put together detail profiles of web surfing online activities.
Criminals can put this sensitive information to work in a few ways besides phishing: Such as, by blackmailing users with shaming or embarrassing details of their browsing history.
The researcher said that history sniffing can also be developed legitimately for the purpose like marketing and advertising.
The code can be observed these differences- for example, the time an operation takes to accomplish or the way a certain graphic element is controlled- to collect the browsing history.
The researchers display features that allow programmers to customize the appearance of their web page. This technique is controlling fonts, backgrounds, colors and so forth using Cascading Style Sheets (CSS) as well as caches meant to improve the performance of web code.
The researchers suggest a bold fix to these issues: they believe that the browsers could set explicit boundaries to control how users’ browsing histories are used to exhibit web pages from different sites.
Must Read: How IoT Can Make Indian Cities Smart
Do you like it? Don’t forget to share it.