Geeks for your information News Browsers News & Tips v
Protect yourself against a pure CSS data stealing attack called Exfil
Protect yourself against a pure CSS data stealing attack called Exfil
harlan4096 Online
MalWare Zoo Team
*******
Posts: 16,269
Threads: 10,307
Thanks Received: 9,363 in 7,509 posts
Thanks Given: 10,346
Joined: 12 September 18
#1
Lightbulb  03 April 19, 10:59 (This post was last modified: 03 April 19, 11:00 by harlan4096.)
Quote:
[Image: css-exfil-vulnerability-tester.png]

CSS Exfil Protection is a browser extension for Mozilla Firefox and Google Chrome that protects data against CSS Exfil attacks.

Internet users who have a good understanding of online security know that JavaScript is a great technology but also something that can be used in attacks. There are plenty of solutions available to deal with JavaScript-based attacks including using content blockers like uBlock Origin, extensions like NoScript that block JavaScript executions, or disabling JavaScript outright (the latter is not very practical).

An attack, named CSS Exfil (from exfiltrate), uses CSS to steal data. Mike Gualtieri, the researcher who discovered the vulnerability, published several proof of concept attacks designed to steal usernames, passwords, and other data on web pages it is used on.

Mike Gualtieri created a vulnerability tester that returns whether the web browser is vulnerable to CSS Exfil attacks. Just visit the web page in question to see if the browser is vulnerable or not. The page is just testing the vulnerability but not abusing it in any way.

What makes the attack particularly problematic is that it does not rely on JavaScript and that browsers don't offer any form of protection against it.

CSS Exfil Protection is a browser extension that adds protections against CSS Exfil attacks to web browsers. Designed for Firefox and Chrome, the extension should work in Firefox-based or Chrome-based web browsers such as Opera or Vivaldi as well.

The extension "sanitizes and blocks any CSS rules which may be designed to steal data". Note that you may run into issues on sites that use these rules for legitimate purposes. The developer plans to introduce support for a whitelist in future versions to address the issue. An option to toggle it on or off globally is provided already.

Just install the extension in a supported web browser to protect your data against attacks exploiting the issue. You may want to visit the vulnerability tester page again to see if you are indeed protected. 
Continue Reading
[-] The following 2 users say Thank You to harlan4096 for this post:
  • krish, silversurfer
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
QOwnNotes
26.5.1 Added a Re...Kool — 15:17
XYplorer
What's new in Rele...Kool — 10:35
KeePass 2.61.1
KeePass 2.61.1 ...harlan4096 — 06:04
Adobe Acrobat Reader DC 2026.001.21529
Adobe Acrobat Read...harlan4096 — 09:58
AxCrypt 3.0.0.90
AxCrypt 3.0.0.90: ...harlan4096 — 06:27

[-]
Birthdays
Today's Birthdays
avatar (45)centfootadoni
Upcoming Birthdays
avatar (28)akiratoriyama
avatar (48)Jerrycix
avatar (40)awedoli
avatar (82)WinRARHowTo
avatar (38)owysykan
avatar (49)beautgok
avatar (39)axuben
avatar (45)talsmanthago
avatar (31)mocetor
avatar (46)piomaibhaict
avatar (51)kingbfef
avatar (38)izenesiq
avatar (40)ihijudu
avatar (45)tiojusop
avatar (42)Damiennug
avatar (40)acoraxe
avatar (49)contjrat
avatar (41)axylisyb
avatar (44)tukrublape
avatar (41)iruqi
avatar (42)saitetib
avatar (36)ypasodiny
avatar (39)omapek
avatar (48)Geraldtuh
avatar (44)knigiJow
avatar (46)1stOnecal
avatar (50)Mirzojap
avatar (36)idilysaju
avatar (45)xclubDum
avatar (41)Stewartanilm
avatar (44)nikitaxople
avatar (40)GregoryRog
avatar (45)mediumog
avatar (40)odukoromu
avatar (46)Joanna4589
avatar (28)Honor6

[-]
Online Staff
There are no staff members currently online.

>