Users need to be wary as scheme flooding is on the rise

by Vlad Turiceanu
Vlad Turiceanu
Vlad Turiceanu
Passionate about technology, Windows, and everything that has a power button, he spent most of his time developing new skills and learning more about the tech world. Coming... read more
Affiliate Disclosure
  • While online, personal data security should be mandatory for everyone involved.
  • Researchers warn users of new threats they face while using popular browsers.
  • The scheme flood vulnerability allows for targeted advertisement and user profiling.
  • Users with VPNs are also affected and there are no known fixes yet for this issue.
Scheme flooding alert

We can all agree that, because we perform so many actions online that involve our sensitive data and money, staying safe and under the radar of malicious entities should be our top priority.

Choices we make while on the internet, as well as our preferences, could be used by advertisers, malevolent individuals, and other third parties to create certain pattern algorithms.

These browsers are vulnerable to scheme flooding

Even though new security measures, features, and updates are applied all the time, Firefox, Chrome, Safari, and Tor are the four browsers that are vulnerable to this sort of exploits.

Senior software engineer and researcher Konstantin Darutkin spoke about this phenomenon and warned users worldwide about the potential implication that such actions could have.

These operations have been dubbed “scheme flooding” by the group of researchers, because of the fact that the attackers are able to use the browsers’ built-in custom URL scheme against us.

The scheme flood vulnerability allows for targeted advertisement and user profiling without user consent. The list of installed applications on your device can reveal a lot about your occupation, habits, and age. For example, if a Python IDE or a PostgreSQL server is installed on your computer, you are very likely to be a backend developer.

By using this technique, our devices are flooded with URL scheme requests used for acknowledging the presence of popular apps like Spotify, Zoom, Slack, Telegram, Discord, Steam, Xcode, Microsoft Word, NordVPN, or Hotspot Shield.

The more disconcerting news is that this can happen even if the users switch between browsers or try using a VPN, or incognito mode.

A combination of CORS policies and browser window features can be used to bypass the safety mechanisms.

According to the researchers, this manner of virtual intrusion can also be successfully used on other browsers, such as Brave, Microsoft Edge, and Yandex.

Although this issue didn’t just emerge overnight, it seems that the developers of the browsers above mentioned have not yet grasped the magnitude of the situation.

This vulnerability has been possible for more than 5 years and its true impact is unknown.

It remains to be seen how quick the tech companies will react and, more important, fix these privacy mishaps. It goes without saying that users will not be pleased to hear this news.

In the meantime, remember that until this vulnerability is fixed, the only way to have private browsing sessions not associated with your primary device is to use another device altogether. 

Let us know in the comments section below if you had such security concerns until now and how you addressed them.

This article covers:Topics: