DETECTION AND PREVENTION OF ACCESSIBILITY CLOAKING ATTACKS

Digital environments enable greater integration of people with disabilities into economic and social life, supported by legislative accessibility requirements. However, this progress creates new cybersecurity vulnerabilities, particularly for assistive technology users. Objective. The objective of our study was to identify and analyze potential attack vectors associated with the unethical use of accessibility technologies and to develop methods for their detection and prevention, with specific focus on accessibility cloaking techniques. Methods. We conducted an analysis of popular assistive browser extensions and their detection methods, implemented proof-of-concept accessibility cloaking techniques using HTML and CSS, and evaluated the effectiveness of current automated testing tools in detecting these manipulations. Based on identified vulnerabilities, we developed a CLI application using AXE-Core for automated detection of accessibility cloaking markers. Results. Our analysis revealed multiple HTML/CSS-based techniques that create different experiences for users with and without assistive technologies, enabling malicious content to be hidden from regular users. While these techniques violate multiple WCAG success criteria, current automated testing tools (Wave, Axe, Lighthouse) largely failed to detect such manipulations. Our proof-of-concept detection tool, based on an agent architecture approach, successfully identified these accessibility cloaking techniques. Conclusion. Ensuring web resource accessibility without compromising security requires a comprehensive approach including regular security audits, additional verification of content displaying differently for different user groups, developer training, and automated detection tools. Our findings emphasize that accessibility’s purpose is to make content equally accessible to all users, not to create separate or hidden experiences that can be exploited for malicious purposes.