New SSD Attack Lets Hackers Identify Programs Running on Your Computer

FROST Threat Announced

According to НВ — Техно: A new cybersecurity threat named FROST was disclosed on May 30 at 7:15 AM. This attack exploits the Origin Private File System (OPFS) feature found in browsers, combined with the unique behavior of solid-state drives (SSDs). According to the research, the attack algorithm can identify visits to 50 popular websites with 88.95% accuracy and recognize 10 standard macOS applications with a 95.83% success rate.

Attack Methods and Recommendations

To carry out the FROST attack, an attacker only needs the victim to keep a webpage with JavaScript code open. During tests, researchers confirmed that the attacker continuously measures SSD contention by performing random reads from a large OPFS file.

“SSD contention caused by user activity creates measurable latency differences in these read operations,” the researchers stated.

Among the identified macOS applications were:

• Maps
• Music
• Safari
• System Settings

The overall application identification accuracy reached 95.83%. Details of this study are scheduled to be presented at the DIMVA conference in July.

Experts advise users to close suspicious websites and monitor available disk space. Browser developers could make this attack more difficult by limiting the maximum size of OPFS files or requiring separate permission for local storage access.

The FROST attack highlights the importance of online security, especially for macOS users. Given its high accuracy in identifying popular applications and websites, this threat poses serious risks to data privacy. It is crucial for users to stay informed about potential risks and take steps to protect their information.