Information security specialist Omer Gil has come up with an ingenious method of conning a web server into exposing personal data through a caching attack. Any sites that use content delivery network (CDN) services are vulnerable to this new threat.
Gil’s idea, showcased at the Black Hat conference, demonstrates how an attacker can exploit authenticated users by exposing their sensitive information and seizing control of their accounts. He has already highlighted companies, including PayPal, that are especially vulnerable to this kind of threat.
How does he do it? Well, it’s pretty technical stuff – but anyone managing websites ought to be aware of it. A (very) simplified description is offered below:
By using a malformed URL, he causes content to be cached in a way the CDN would not normally allow. Once the data input on the compromised URL is cached, Gil just has to return to the URL in order to sweep personal and financial data from his victim.
There’s no immediate or obvious antidote to this – the best defence is to make a website less permissive.
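As an added illustration of what "less permissive" can mean at the origin server (example code, not from the article or from Gil's research): the sketch below contrasts a router that tolerates unexpected trailing path segments with one that only serves exact, known paths. The route names, the sample URL and the assumption that the malformed URL is a known page path with an extra segment appended are all constructed for this example.

```python
# Added example (not from the original article): origin-side routing,
# permissive vs. strict. Route names and sample paths are constructed.

ROUTES = {
    "/account": "account page (per-user, sensitive)",
    "/home": "public home page",
}
SENSITIVE = {"/account"}


def permissive_route(path):
    """Weak: ignores trailing path segments, so an unexpected URL still
    resolves to a known page."""
    for route in ROUTES:
        if path == route or path.startswith(route + "/"):
            return route
    return None


def strict_route(path):
    """Hardened: only exact, known paths resolve; anything else is a 404."""
    return path if path in ROUTES else None


def respond(path, router):
    """Return (status, headers, body) the origin would send for `path`."""
    route = router(path)
    if route is None:
        return 404, {"Cache-Control": "no-store"}, "not found"
    headers = {"Content-Type": "text/html"}
    if route in SENSITIVE:
        # Ask caches on the path not to store per-user content.
        headers["Cache-Control"] = "no-store, private"
    else:
        headers["Cache-Control"] = "public, max-age=300"
    return 200, headers, ROUTES[route]


if __name__ == "__main__":
    odd = "/account/unexpected.css"  # constructed malformed URL
    for router in (permissive_route, strict_route):
        status, headers, body = respond(odd, router)
        print(router.__name__, status, headers["Cache-Control"], body)
```

With the strict router the unexpected URL never returns account content, so there is nothing sensitive for a cache to store; the `no-store, private` header on the real account page is a second layer in case a cache is configured more loosely than intended.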