LAS VEGAS—Researcher Omer Gil has devised a way to trick a web server into caching pages and exposing personal data.
The so-called web caching attack targets sites that use content delivery network (CDN) services such as Akamai and Cloudflare. These services act as traffic load balancers and reverse proxies, and store files that are frequently retrieved in order to reduce latency from a web server.
Gil, an information security team leader at EY Advanced Security Center, will present research tomorrow at Black Hat, that shows how adversaries can abuse these services and expose sensitive information of authenticated users and even take control of their accounts.
Gil said many of the companies that use web caching services are vulnerable to these types of attacks. In February, he notified PayPal it was vulnerable to such an attack that allowed him to access a PayPal account holder’s first and last name, last four digits of their credit card, email address, phone number and even their passport number.
For his work with PayPal, Gil earned a $3,000 bug bounty. A more in-depth and up-to-date explanation of his research will be presented Wednesday, but his is initial research is posted online.