/?pid=google-chrome-security-vulnerability-could-lead-to-crypto-wallet-steal-23757

Updated:05:14 AM EDT Mar 29


this is ggmania.com subsite Google Chrome Security Vulnerability Could Lead To Crypto Wallet Steal - TechAmok

Google Chrome Security Vulnerability Could Lead To Crypto Wallet Steal - [security]
11:17 AM EST - Jan,15 2023 - post a comment

Imperva's cybersecurity specialists discovered a problem with how the roughly 2.5 billion users of Chrome and Chromium-based browsers interacted with file systems, more specifically, how browsers handle symlinks.

The vulnerability allows hackers to steal sensitive user files, such as login credentials and cryptocurrency wallet codes. The vulnerability is caused by a malfunction in the Chromium browser's symlink processing.

According to Imperva, symlinks (also known as symbolic links) are files that point from a web browser to other files, known as directories.

This allows Chromium to treat connected files or directories as if they belonged to the file address itself. The researchers found that the browser failed to check correctly to see if the symlink was referring to a location intended to be inaccessible, which means that if these files aren't handled properly, they potentially present vulnerabilities. A threat actor could construct a phony cryptocurrency wallet and a website that would ask users to obtain their recovery keys in order to launch an attack. A genuine symlink to a private file or folder on the user's computer would be contained in the downloaded file. It's possible that the file contains cloud provider login information or anything similar. Experts have found that the Chromium browser does not determine whether the address of the file that the symlink navigates to is allowed to be accessed. The worst case scenario is that the victim would be utterly unaware that their private information has been hacked.

This vulnerability has a tracking code of CVE-2022-3656. This has been fixed by Google in the Chrome 108 update.

Short overview of recent news articles

Whatever Happened To Acer? (Mar,29 2024 )

Intel's Battle Has Just Begun (Mar,28 2024 )

Unreal Physics is a new free game on Steam (Mar,27 2024 )

Is The World's Cheapest Hardware Wallet SafePal S1 Worth It? (Mar,27 2024 )

Yes, this was a Bad Idea (Emergency Wall-Mounted PC Build) (Mar,27 2024 )

11 Cool Command Line Programs You Need to See (Mar,27 2024 )

When you Accidentally Compromise every CPU on Earth (Mar,26 2024 )

Everyone Who Tried This Has FAILED - Khadas Mind Modular PC (Mar,24 2024 )

Air Cooling is Dead (Mar,24 2024 )

US Justice Dept. Sues Apple for Monopolistic Behavior in Smartphones (Mar,24 2024 )

Beetlejuice Beetlejuice - Official Teaser Trailer (2024) Michael (Mar,24 2024 )

Alien: Romulus | Teaser Trailer (Mar,22 2024 )

NVIDIA Is On a Different Planet (Mar,22 2024 )

Everyone Needs This and it's Under $10 - Handy Tech Under $100 (Mar,21 2024 )

20 COOL GADGETS FOR 2024 (Mar,21 2024 )

Nvidia's 5090 Is Built From WHAT?! (Mar,21 2024 )

Parasyte: The Grey | Official Trailer | Netflix (Mar,20 2024 )

Fastest m.2 on Planet EARTH | Crucial T705 Nvme Review (Mar,20 2024 )

LG's new 480Hz OLED dual-mode monitor (Mar,20 2024 )

First 9.1 GHz CPU (overclocked 14900KS) (Mar,19 2024 )

Haley Messick - Saatisfaction @bennybenassi - In10sive Mastercamp (Mar,18 2024 )

1000W CPU: The Most Powerful Desktop Processor (Mar,18 2024 )

Expands Snapdragon 8 Series to Cover More Price Points (Mar,18 2024 )

Train Vs Lamborghini (Mar,17 2024 )

Don't use a Microsoft Account! (Mar,16 2024 )

This Ghillie Made from MIRRORS is SHOCKINGLY GOOD (Mar,16 2024 )

How Hackers Deliver Malware to Hack you using Social Media (Mar,16 2024 )

Call of Duty: Warzone Mobile - Launch Trailer (Mar,15 2024 )

Intel's 4th Attempt At Beating Ryzen - "New" 6.2GHz Core (Mar,14 2024 )

Asus Goes Big with Zenfone 11 Ultra (Mar,14 2024 )

House Passes Bill to Force Sale of TikTok (Mar,14 2024 )

Motorola Brings More Affordable 5G Phones to its 2024 Lineup (Mar,14 2024 )

Capristan Swim - Miami Swim Week | Art Basel Miami (Mar,14 2024 )

The Most Stunning All SSD NAS Ever? Inside QNAP's All-SSD (Mar,11 2024 )

M2 vs M3 MacBook Air - ULTIMATE Comparison! (Mar,11 2024 )

Risky PC Experiment: Direct CPU Water-Cooling! Can It Survive? (Mar,11 2024 )

SpaceX Falcon 9 rocket launches 23 Starlink satellites from (Mar,11 2024 )

I tried the Cheapest Arduino Alternative (that Nobody heard of) (Mar,10 2024 )

This is the WEIRDEST PC I've ever seen. (Mar,10 2024 )

Nvidia Retires GTX 16 Series, GDDR7 Arrives, FSR Upscaling Going AI? (Mar,10 2024 )

The New BIOS Hack That Bypasses Every Antivirus (Mar,09 2024 )

Microsoft says it hasn't been able to shake Russian state hackers (Mar,09 2024 )

iOS 17.4, Out Today, Brings Transcripts to Apple Podcasts (Mar,09 2024 )

Microsoft Kills Android-on-Windows (Mar,09 2024 )

Don't Make These Common PC Building Mistakes! (Mar,08 2024 )

Sydney Sweeney Gets Outcast By Her Hooters Co-Workers On 'SNL' (Mar,07 2024 )

How A Journalist Uncovered America's Secret Doomsday Bunkers (Mar,07 2024 )

Government Banning Hardware Wallets? (Mar,07 2024 )

Xiaomi 14 Ultra Full Review: I prefer to call it '13S Ultra' (Mar,07 2024 )

Windows Defender vs Ransomware 2024 (Mar,05 2024 )

>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs