The Hacker News reports that threat actors could leverage new cache-based targeted deanonymization attacks involving services including Google Drive, YouTube, and Dropbox to determine unique website visitors.
"An attacker who has complete or partial control over a website can learn whether a specific target (i.e., a unique individual) is browsing the website. The attacker knows this target only through a public identifier, such as an email address or a Twitter handle," wrote New Jersey Institute of Technology researchers, who noted that popular websites and services, such as Google, Facebook, Twitter, LinkedIn, TikTok, and Instagram, are being used for private resource sharing prior to the embedding of the shared resource into the attack website.
Potential victims are then being lured into visiting the malicious site and clicking the content in an effort to unmask users and possibly compromise their social media accounts and email addresses. "
Knowing the precise identity of the person who is currently visiting a website can be the starting point for a range of nefarious targeted activities that can be executed by the operator of that website," added researchers.