Spectre-class side-channel → cross-tenant memory leak
Pre-mitigation cloud VM lets a co-tenant trigger speculative loads from kernel / sibling-VM memory. Cache-side-channel measurements recover sensitive data, including TLS keys + cloud creds.
§ Context
Assumed environment: shared-host cloud VM / serverless / container runtime not patched / not configured for Spectre mitigations (KPTI, IBRS, retpolines, MDS). Attacker can run their own code in the same hardware context.
§ Steps
- 01Spin up co-resident VM / lambdaInitial AccessT1078— Valid Accounts
- 02Reconstruct kernel / neighbour memoryCredential AccessT1003— OS Credential Dumping
- 03Exfil leaked TLS keys / IAM credsCredential AccessT1552— Unsecured Credentials
- 04Drive speculative loads from target contextCredential AccessHW-SPECTRE— Spectre / Meltdown-class Side-Channel
- 05FLUSH+RELOAD cache probingCredential AccessHW-CACHE-TIMING— Cache Timing Attack (FLUSH+RELOAD / PRIME+PROBE)
- 06Confirm vulnerable microcodeCredential AccessHW-CACHE-TIMING— Cache Timing Attack (FLUSH+RELOAD / PRIME+PROBE)
§ References
- T1078Valid Accounts
- T1003OS Credential Dumping
- T1552Unsecured Credentials
§ Frequently asked
- What is the "Spectre-class side-channel → cross-tenant memory leak" attack path?
- Pre-mitigation cloud VM lets a co-tenant trigger speculative loads from kernel / sibling-VM memory. Cache-side-channel measurements recover sensitive data, including TLS keys + cloud creds. It chains 6 steps drawn from real-world offensive-security techniques.
- What starting position does this attack require?
- The first step is Spin up co-resident VM / lambda (T1078) — a initial access primitive. Assumed environment: shared-host cloud VM / serverless / container runtime not patched / not configured for Spectre mitigations (KPTI, IBRS, retpolines, MDS).
- What is the final impact of this kill-chain?
- The final step lands on Confirm vulnerable microcode (HW-CACHE-TIMING), which falls under Credential Access. From here, an operator typically pivots into post-exploitation or maintains persistence.
- How can defenders detect or prevent this attack?
- Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.
§ Related dossiers
- Shared techniques2
Dev workstation → cloud backup keys → encrypted vault store (LastPass 2022)
Attacker compromised a single LastPass DevOps engineer's home machine via outdated Plex Media Server, harvested AWS keys for the encrypted-vault backup bucket, exfiltrated production vault data.
- Shared techniques2
F5 BIG-IP iControl auth bypass (CVE-2022-1388) → root on LB
Connection-header smuggle bypasses iControl REST auth, command-injection RCE as root. Load balancers see all traffic — recover TLS keys, session cookies, internal SSO config.
- Shared techniques2
Exported ContentProvider → private data leak
App exports a ContentProvider for legitimate inter-app integration but forgets to enforce grantUri / signature permissions — a rogue installed app reads private auth tokens.
- Shared techniques2
TCC bypass → access Photos / Camera without consent
Inject into a process that already has Full Disk Access (e.g. backup utility, Terminal). Inherited TCC entitlement lets the attacker code read TCC-gated data — Photos, iMessage DB, Documents.
- Shared techniques2
User foothold → keychain dump → cloud creds
Standard user shell on macOS. Brute the login.keychain master via ChainBreaker / a keylogged password; dump all entries — Safari saved creds, AWS keys, Slack tokens, SSO cookies.
- Shared techniques2
npm typosquat → developer workstation → corporate VPN
Publish a typosquat npm package; the developer's `npm install` runs the postinstall script, exfils SSH keys + VPN profile, then connects to the corporate network.