Weakness in Intel chips lets researchers steal encrypted SSH keystrokes
Vulnerabilities in the Data-Direct I/O (DDIO) mechanism in Intel server processors can be exploited by attackers in order to grab keystrokes and other sensitive data, new research from the Vrije Universiteit Amsterdam and ETH Zurich shows.
In the most dangerous attack scenario, threat actors could abuse DDIO in order to steal data from data centers and cloud environments. In order to demonstrate how this could work, the researchers designed an attack scenario in which they managed to get one server to obtain keystrokes typed into the protected SSH session set up between two other servers, one of which was an application server.
The researchers say that while their Network Cache Attack (NetCAT) “is powerful even with only minimal assumptions,” they “have merely scratched the surface of possibilities for network-based cache attacks.” Consequently, they “expect similar attacks based on NetCAT in the future.”