Your data is prone to hack attacks, even after the browser tab has been closed, thanks to MarioNet

BEWARE! A browser-based attack has recently been developed, which gives the hacker access to plant a malicious code inside users’ browsers, even after the user has closed the browser tab or moved away from that specific website. The attack is called MarioNet.

The reason why MarioNet can allow a hacker to do so much is that most of the browsers today support Service Workers API, which can easily continue to operate in the page’s background, provided that it has been registered and activated. Once the service worker is loaded on a specific site, it no longer requires the user to keep on using the browser.
The team of researchers in a whitepaper "demonstrate the powerful capabilities that modern browser APIs provide to attackers by presenting MarioNet: a framework that allows a remote malicious entity to control a visitor’s browser and abuse its resources for unwanted computation or harmful operations, such as cryptocurrency mining, password-cracking, and DDoS."
The most concerning aspect of the attack is that it’s silent and doesn’t necessarily depend on user interaction, as discussed above. Before registering a service worker, neither the user’s permission is asked nor are they alerted by the browsers. Everything happens in the background and the user will remain clueless until all the damage has been done. It is not even possible to figure which websites have registered service workers because, let’s be honest, there are no clues or indicators yet, that can help users in identifying this threat.

Moreover, a MarioNet attack shouldn’t necessarily be connected to the point of attack. An attacker can easily infect users on one website, say Website 1, but they can later regulate all the service workers from another Server, say Server 2.
Also Read: Apple, Facebook, Google, Uber - How Tech Companies Find Leaks
This allows hackers to place malicious code on high-traffic sites for some time, and after a lot of browsers have been affected, the code can be removed from the website and the infected browsers can continue to be controlled from another server.

Due to the Service Workers being a modern day invention, the MarioNet attack can be carried out in various desktop and mobile browsers with the exceptions of Internet Explorer, Blackberry (mobile) and Opera Mini.

The attack has been created by academics from Greece and in their research paper, they have also covered various important topics such as how the attacks could avoid detection by anti-malware browser extensions, as well as how browsers could make adjustments to their security.

There is a lot that needs to be studied about these attacks and many important details are available across different research papers. One should definitely give them a read.

Photo: Shutterstock

Read Next: Beware Of The New Technique Used By Cyber Criminals To Steal Payment Data
Previous Post Next Post