The attack allows hackers to determine the target’s web activity by leveraging features from the target’s packet sequence, while disregarding the application of most privacy-protecting technologies such as VPNs and proxies.
The new form of the attack demonstrated by researchers from universities in the United States, Australia, and Israel is effective as it only relies on CSS and HTML, making it the first side-channel attack that works on Apple’s M1 chips.
Empirically demonstrating this, we evaluate our attacks on AMD’s Ryzen, Samsung’s Exynos, and Apple’s M1 architectures. Ironically, we show that our attacks are sometimes more effective on these novel CPUs by Apple and Samsung compared to their well-explored Intel counterparts.
Meanwhile, Apple has said that the public disclosure of the team’s findings does not raise any concerns and that it has implemented necessary measures, including revoking certificates for the developer’s account from where the malware originated.