Pastimes : Apple Product Help

From: Zen Dollar Round, 11/28/2023 6:41:04 PM
 
iLeakage vulnerability (unpatched)

Dan Goodin, writing for Ars Technica, describes an “iLeakage” attack via Apple’s WebKit software that can compromise sensitive information on Apple Silicon Macs running Safari and on iOS/iPadOS devices running any web browser. There is no fix, so far, but there have been no reports yet of live exploitation.
Hackers can force iOS and macOS browsers to divulge passwords and much more

Researchers have devised an attack that forces Apple’s Safari browser to divulge passwords, Gmail message content, and other secrets by exploiting a side channel vulnerability in the A- and M-series CPUs running modern iOS and macOS devices. iLeakage, as the academic researchers have named the attack, is practical and requires minimal resources to carry out.

“We show how an attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information present within it using speculative execution,” the researchers wrote on an informational website. “In particular, we demonstrate how Safari allows a malicious webpage to recover secrets from popular high-value targets, such as Gmail inbox content. Finally, we demonstrate the recovery of passwords, in case these are autofilled by credential managers.”

While iLeakage works against Macs only when running Safari, iPhones and iPads can be attacked when running any browser because they’re all based on Apple’s WebKit browser engine. An Apple representative said iLeakage advances the company’s understanding and that the company is aware of the vulnerability and plans to address it in an upcoming software release.