Jan 14, 2023

This flaw in Google Chrome & Chromium-based browsers enabled data theft of information such as cryptocurrency wallets and credentials from over 2.5 billion users

Posted by in categories: cryptocurrencies, cybercrime/malcode

Researchers from the cyber security firm Imperva Red Team have disclosed information on a newly found and fixed vulnerability that affected over 2.5 billion Google Chrome users as well as all Chromium-based browsers such as Edge and Opera.

The vulnerability, which is identified as CVE-2022–3656, makes it possible for remote attackers to acquire sensitive user data such as passwords for cloud service providers and knowledge about cryptocurrency wallets. After further investigation, it was determined that the problem was caused by the manner in which the Chrome browser dealt with symlinks when processing directories and files.

Because of this vulnerability, an attacker can use social engineering to convince a victim to visit a website that has been compromised and then download a ZIP archive file from that website. The file will contain a symlink to a valuable folder or file that is already present on the device, such as wallet keys. The user is requested to input their recovery keys whenever this file is sent back to this site as a component of an infection chain, such as a crypto wallet service.

Comments are closed.