A new research paper has been published that mentions a side-channel attack that threat actors can exploit to leak sensitive visual data from modern GPU cards when visiting a malicious website.
This method was published under the name “GPU.zip” by four American universities: the University of Texas at Austin, Carnegie Mellon University, the University of Washington, and the University of Illinois. The attack simulation was based on a cross-origin SVG filter pixel-stealing attack via Chrome browser for research purposes.
Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware
GPU Side-Channel Vulnerability
The lead author Yingchen Wang mentions in his research paper that this attack was due to the undocumented ways of compression used by vendors like Intel and AMD. These vendor-specific compressions took place even when the software program did not specifically request compression.
“Compression induces data-dependent DRAM traffic and cache utilization, which can be measured through side-channel analysis. Unfortunately, besides its well-recognized performance benefits, compression is also a known source of side-channel data leakages. ” reads the research paper.
Intel and AMD do this type of risky compression in their modern GPUs as part of an optimization strategy to save on memory bandwidth and increase their performance without the use of additional software.
The research paper also stated, “An attacker can leak secrets in HTTP/HTTPS requests and responses bit-by-bit by exploiting how compressibility is often secret-dependent.” This means that the attack can steal sensitive visual data by reading pixel-by-pixel.
Moreover, the attack demonstration was conducted on the Wikipedia site for stealing the username using an iframe. The results for the Ryzen side-channel attack were within 30 minutes, and for Intel GPUs, it was 215 minutes. Though the attacks took more time, making most threat actors lose their patience, the accuracies were 97% and 98.3%, respectively.
For detailed information about the case study, attack scenarios, discussion, and other information, following the research paper published by Hertzbleed is recommended.
According to Intel, they have not been able to review the researcher’s complete paper. However, they have examined the findings that were shared with them and concluded that the issue does not lie within their GPUs but rather in software from a third party.