SSD-Based FROST Attack Lets Hackers Identify Programs Running on Your PC

How the FROST Attack Exploits SSD Behavior

According to НВ — Техно: A newly discovered hacking technique called FROST can determine which applications are active on a computer by analyzing the performance of solid-state drives (SSDs). This attack leverages the Origin Private File System (OPFS) feature found in modern browsers, combined with the unique way SSDs handle data. To spy on a victim, attackers only need a single open webpage running JavaScript code.

In testing, the FROST algorithm achieved an impressive 88.95% accuracy when detecting visits to 50 popular websites. It also successfully identified 10 standard macOS applications, including:

• Maps
• Music
• Safari
• System Settings

According to researchers, 'the attacker continuously measures SSD contention by performing random reads from a large OPFS file. SSD contention caused by user activity results in measurable latency differences for these read operations.'

Defense Measures and Upcoming Research

To reduce the risks posed by FROST, experts recommend closing suspicious websites and monitoring available disk space. Browser developers can also make the attack harder to execute by limiting the maximum size of OPFS files or requiring explicit permission for local storage access.

Full details of the FROST attack research are scheduled to be presented at the DIMVA conference in July. This discovery highlights the growing importance of user security in an era of increasing cyber threats, as well as the need for continuous monitoring and improvement of data protection measures.

The FROST attack opens new possibilities for cybercriminals by allowing them to track user activity without accessing personal data. This underscores the urgent need for stronger data protection technologies and greater user awareness of potential digital threats. How browser developers and users respond to these challenges will be critical for ensuring future security.