Home > Our Products > Mouse Movement Tracking Facilitated by a Security Flaw in Internet Explorer

Mouse Movement Tracking Facilitated by a Security Flaw in Internet Explorer

Microsoft’s latest version of the Internet Explorer has been in the news for both good and bad reasons since its release. Being one of the leading browsers in the world, consumers expect it to be very safe and secure. The ongoing tussle between online advertising companies and Microsoft about enabling ‘Do Not Track’ option by default has instilled a sense of security among its users. But when everything seemed good, a security flaw in the browser has been unearthed. Reportedly, this security flaw allows cybercriminals to track the mouse movements of the user. In a time when users want to stop cookies/tracking online at any cost, this seems like a grave error on the part of Microsoft developers.Mouse Movement Tracking Facility

Spider.io, an Analytics Firm Discovers the Security Flaw

Spider.io is an analytics firm that is based in the city of London in the United Kingdom. This firm has established a reputation for itself as being proactive and very effective in determining online security flaws. According to a release by this firm, the tests they performed on the latest versions of Internet Explorer allowed them to actually track the mouse movements of the user easily. The flaw was also not too difficult to exploit; even the most inexperienced hackers can exploit this security flaw with a little effort.

Consequences of This IE Security Flaw

You might be aware of the fact that banks promote the usage of virtual keyboard instead of your usual physical keyboards for the fear of key loggers. With this security flaw, if the hackers get a general idea of the randomization algorithm used by the bank website and your mouse tracking data, they can easily figure out the password.

Also, online tracking gets a whole new dimension if mouse movements tracking are available. Your online activities can be easily determined and even an algorithm can be designed to identify trends from your mouse activity logs.

Three Major Analytics Companies Already Exploiting This Vulnerability

As if the vulnerability was not enough on our plate already, Spider.io said that three major online analytics companies are already exploiting this vulnerability in Internet Explorer. This fact was revealed by the CEO of Spider.io in an interview that he gave to The Guardian. He said that all the three companies are large advertising companies that provide analytics solutions to advertisers, generating more than billions of page views on a monthly basis. With this trend, he concluded by saying that almost every user in the United States who uses Internet Explorer browser is victim to this mode of exploitation.

Attack Vector Can Be Used In Almost All Major Sites

Most of the leading websites promising high level of security, and you might feel that the website security might make up for the security flaw of the browser. However, the CEO of Spider.io pointed out that this is not the case. He said that the attack vector that is employed in this particular security vulnerability exploitation can be used in sites with even the highest level of security. He added that as long as you are using Internet Explorer browser, you are vulnerable to this threat, irrespective of the site you are browsing on. Apparently, the usage of VPN or other anonymity services also does not allow you to safeguard yourself.

Microsoft Has No Plans to Patch the Gaping Hole

The release by Spider.io also has a section where it states that the company had pointed out this vulnerability to Microsoft. However, there was no acknowledgment of the flaw or hints of any plans to fix this glaring security error in existing or past versions of Internet Explorer. This is surprising considering Microsoft is facing stiff competition in the IT world and every move of theirs has an impact on the reputation and business they generate.

Categories: Our Products
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: