One of the biggest security problems when browsing the Internet is data leakage. For example, information such as browsing history, IP address, names … In this article we explain how a group of security researchers has developed a new attack that is capable of recording a large amount of data when browsing network.
Gummy Browser, the new attack that records data when browsing
A group of security researchers in the United States has developed what they have called the Gummy Browser . It is a new attack that has the ability to register fingerprints and impersonate the browser. They indicate that it is a simple technique and that it can seriously jeopardize the security and privacy of users.
But to better understand how Gummy Browser works, you have to know what a fingerprint consists of. We can say that it is a unique identifier that is associated with a user. It is capable of recording data such as the IP address, the version of the browser you are using, the installed system, programs, plug-ins and even cookies or mouse movements and keystrokes.
Keep in mind that these fingerprints can be used by the websites themselves to identify users or even form part of authentication systems . They have a great value for everything we have mentioned that they store, and that causes them to be sold on the Dark Web.
But then, what is the Gummy Browser attack all about? What these security researchers have achieved is to capture that fingerprint once a person enters a website controlled by an attacker. That fingerprint can be used later to falsify the identity of that user.
They use scripts , both existing and custom. The method is based on the injection of scripts, which are capable of extracting values through JavaScript APIs. They also use tools to change the browser attributes to any custom value, as well as modify the scripts and change the browser properties with spoofed values.
They can fool fingerprint systems
Simply by capturing a victim’s fingerprint once, security researchers noted, they can fool systems for an extended period of time.
They claim that this method they have devised would be able to successfully spoof the victim’s browser . But also, it is possible to run Gummy Browser without the remote user and server being able to detect it. This makes them run and spoof without any alerts being triggered.
The conclusion that security researchers draw is that a cybercriminal could take advantage of this type of attack to fool systems that use fingerprints. It could seriously affect the security and privacy of users. This raises the question of whether it is good to use fingerprints on a large scale, as they could become a real problem for users.