News
This is how SnailLoad works: a new spying method capable of finding out which videos and websites you watch
The only way to deal with this type of attack is by degrading our internet connection.
- June 26, 2024
- Updated: July 1, 2025 at 11:17 PM
A group of researchers from Graz University of Technology has developed a new method of internet spying called SnailLoad, which can determine with 98% accuracy the video that a user is watching and with 63% accuracy the websites they visit.
Titled “SnailLoad: Exploiting Remote Network Latency Measurements without JavaScript”, the paper is the work of Stefan Gast, Roland Czerny, Jonas Juffinger, Fabian Rauscher, Simone Franza, and Daniel Gruss, who explain how this technique does not require the installation of malware or the observation of network traffic through a “person-in-the-middle” attack. Furthermore, the attacker doesn’t even need to be physically close to monitor Wi-Fi packets.
SnailLoad takes advantage of the “subtle variations in round-trip times of network packets”, which carry a side-channel signal influenced by the victim’s activity. By having the user download a small file, the attacker can measure latency and changes in internet connection speed to deduce the user’s activity. The name of this new type of attack is due to the slow download speed, compared to that of a snail. “Apart from being slow,” explain the researchers, “SnailLoad, like a snail, leaves traces and is a bit creepy”.
The attack is completely passive and remote, and is capable of accurately determining which video a user is watching or what web activity they are engaged in. To make matters worse, the only way to mitigate it is by degrading the internet connection, something that most users would not be willing to do. Researchers warn that “the root cause cannot be eliminated and further investigation is necessary to find satisfactory solutions”.
Although this threat is based solely on laboratory research and is unlikely to be exploited in the real world at the moment, this new method “demonstrates the wide range of possible attack vectors” that could “significantly stress security personnel,” according to Boris Cipot, a security engineer at the Software Integrity Group of Synopsys, who also warned that “similar attack vectors may already be in use without our knowledge”.
Publicist and audiovisual producer in love with social networks. I spend more time thinking about which videogames I will play than playing them.
Latest from Pedro Domínguez
- Fraudulent Websites Are on the Rise: Here’s How Avast Free Antivirus Keeps You Safe
- Unplug This Summer Without Compromising Your Digital Security — Get Protected with Avast Free Antivirus
- Have You Ever Stopped to Think About How Much Personal Information You Share Online Every Day?
- National Streaming Day: How On-Demand Entertainment Has Redefined Our Viewing Habits
You may also like
NewsThe creator of Vampire Survivors believes that role-playing games should last even longer
Read more
NewsCillian Murphy could be the most iconic villain in Harry Potter in the upcoming HBO adaptation
Read more
NewsIf you've always wanted to dig a hole with your friends, this video game is exactly about that
Read more
NewsWithout Sony, this indie from the creators of Journey would never have seen the light
Read more
NewsDespite sweeping the Anime Awards, this series may not have a sequel until at least 2028
Read more
NewsWe already know where we will be traveling in season 4 of 'The White Lotus'
Read more