Information security researchers have discovered a critical security vulnerability in Chrome and other browsers based on the Chromium project, affecting about 2.5 billion users worldwide.

Imperva researchers said the severity of the vulnerability lies in the fact that it allows hackers to steal users’ sensitive files, including: the contents of cryptocurrency wallets and login credentials.

The way Chrome and browsers based on the Chromium open source web browser project interact with so-called symbolic links in file systems has a flaw, the researchers say.

The researchers explain that symbolic links (Symlinks) are files that link to another file or directory in operating systems, and they allow the system to treat the file or directory associated with the original files as if they were in the same location.

“These (symbolic links) can be useful for creating shortcuts, redirecting file paths, or organizing files in a more flexible way,” the researchers explained in their Imperva blog. But if these files are not handled properly, they can turn into a vulnerability for hackers.

Describing a possible attack scenario, the researchers stated that a hacker could create a fake cryptocurrency wallet and a website that asks users to download his recovery keys.

In the event that the victim downloads these files, they may be symbolic links to a confidential file or folder on the user’s computer, and due to a flaw in the browser’s handling of these files, this may lead to the theft of cryptocurrency wallets and credentials. on the device.

Worst of all, according to the researchers, is that the victim will be completely oblivious to the fact that their confidential data has been compromised, especially since many cryptocurrency wallets and other online services require users to upload recovery keys to access their accounts. records.

“In the attack scenario described above, an attacker would take advantage of this common practice by providing the user with a zip file containing a symbolic link instead of physical recovery keys,” the researchers said.

The vulnerability is currently being tracked under an identifier (CVE-2022-3656) and Google has fixed it in version 108 of the Chrome browser, so users are advised to install the latest version of the browser and browsers based on the Chromium project before downloading any recovery keys.

Previous articleAnti-Semites desecrate second Greek Jewish site in Thessaloniki
Next articleThe US House of Representatives bans the sale of oil from the Strategic Reserve to China
Clayton Turner is a news reporter and copy editor for 24PalNews. Born and raised in Virginia, Clayton graduated from Virginia Tech’s Frank Batten School of Leadership and Public Policy and majored in journalism.

Leave a Reply