New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
09 June 2026
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt.
You open the page, leave the tab sitting there, and it watches the drive for contention in the background.
Researchers at Graz University of Technology built it and