Researchers at Florida International University (FIU) cybersecurity warn that websites that ask for access to your data may be able to evade antivirus protection and launch large-scale ransomware attacks.
According to a study published by the Florida Institute of Innovation and Industry (FIU), free photo editors and tax document assistants, as well as other online applications that request access to your media, can be used to encrypt files and gain complete control over them. These attackers can then demand ransom for the safe return of the files.
The researchers say the attack targets all three main PC operating systems (Windows, Linux, and Mac OS). Some cloud services (Apple Cloud, Box, and Google Drive), OneDrive, Dropbox, and external drives are vulnerable to the attack.
How Does It Work?
There are only two things that a malicious website needs to do to launch an attack.
- A person needs to say, ‘yes’ to a pop-up that asks them to share their files, such as ‘Allow this website to access your photos?’
- Someone must click, ‘yes,’ on a second pop-up, which is the attack. The pop-up will be disguised as a benign message, such as an advertisement or a request like, ‘May we close the rest of your tabs for you?’
“These two pop-ups are so easy to click ‘yes’ to, it’s almost too tempting,” says Selcuk Uluagac, principal investigator of the research and professor of computer science at the Knight Foundation School of Computing.
Antivirus software systems allow these attacks because it is “standard practice for antivirus software to provide browsers with file access,” said Uluagac. “They do not detect that anything is wrong.”
The Power of Web Browsers
These hacks are possible due to the increasing power of web browsers, researchers say.
“Browsers have become much more powerful over time”, said a postdoctoral researcher and part of the cybersecurity team, Abbas Acar. “They can access cameras, files, locations, and even our batteries if we allow them to.”
These ‘browser powers’ typically make online life easier and more enjoyable. They make everyday life easier. These capabilities are known in the tech world as APIs (application programming interfaces), and they have become integral to today’s internet ecosystem.
The FIU’s research is significant because it reveals the vulnerabilities of one of the APIs most commonly used: File-sharing. Because file-sharing programs are so widely used and are usually considered harmless by anti-virus software, ransomware attacks using them can be hard to detect.
Explore solutions to protect against this ransomware
The researchers at the FIU looked for ways to protect users from this ransomware attack. They proposed three main ideas:
- A browser-based defense solution that prevents an attacker from encrypting.
- An app built into the computer that monitors files to see if they are about to be encrypted.
- A notification system is built into the browser that warns users against possible threats.
The FIU team carried out the research using their prototype design and did not use any ‘wild’ websites, but Uluagac stresses that it is important for everyone to be aware that the ransomware threat is still out there.
When it comes to protecting your computer, the danger is not only in what you download; it’s also in what you upload. Be cautious when granting file access permissions, and stay informed about the evolving threats of ransomware.
Found this article interesting? Follow us on WhatsApp and LinkedIn to read more exclusive content we post.