Alert! Google Chrome Users’ Data Is At Risk
(CTN News) – Google Chrome is one of the most popular web browsers in the world, used by billions of people worldwide.
Imperva Red, a cyber security firm, has discovered a flaw in Google Chrome and Chromium-based browsers that put the data of more than 2.5 billion users at risk.
As outlined in the company’s post, the vulnerability, CVE-2022-3656, could be exploited to steal sensitive files, such as crypto wallets and cloud provider credentials.
“The vulnerability was found after examining the ways in which the browser interacts with the file system, specifically looking for common vulnerabilities associated with the way that browsers process symlinks,” the blog explains.
What is a symlink?
According to Imperva Red, a symlink, or symbolic link, is a type of file that points to another file or directory.
As a result of this, the operating system treats the linked file or directory as if it were located at the same location as the symlink.
The firm notes that symlinks can be useful for creating shortcuts, rerouting file paths, or organizing files in a more flexible manner.
However, if these links are not handled properly, they can also become a source of vulnerabilities.
In the case of Google Chrome, the issue was caused by the way the browser handled symlinks when processing files and directories.
The browser did not properly check whether the symlink pointed to a location that was not intended to be accessed. This allowed sensitive files to be stolen, according to the blog post.
What is the impact of symlinks on Google Chrome?
To illustrate the vulnerability, the firm says an attacker could create a fake website that offers a brand-new crypto wallet service. The website could then trick the user into creating a new wallet by requesting that they download their ‘recovery keys’.
“These keys would actually be a zip file containing a symlink to a sensitive file on the user’s computer, such as a cloud provider credential.
As soon as the user unzips and uploads the ‘recovery’ keys, the symlink would be processed, enabling the attacker to access the sensitive data,” the blog states.
Is there anything we should do?
It has been reported that Imperva Red notified Google of the vulnerability and that the issue has been fully resolved in Chrome 108. To prevent such vulnerabilities, it is recommended that users keep their software up to date at all times.
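For readers who want a check on their own side, the following added example (not from the article or from Imperva) lists symlink entries in a zip archive before it is extracted, which is the kind of archive the scenario above relies on. The function names, the sample archive and its placeholder target path are constructed for illustration.

```python
import io
import stat
import zipfile


def find_symlink_entries(zip_bytes):
    """Return (name, target) for every entry whose Unix mode marks it a symlink."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # create_system == 3 means the entry was written on Unix; the
            # upper 16 bits of external_attr then carry the st_mode value.
            mode = info.external_attr >> 16
            if info.create_system == 3 and stat.S_ISLNK(mode):
                # A symlink entry stores the link target as its file data.
                target = zf.read(info).decode("utf-8", errors="replace")
                findings.append((info.filename, target))
    return findings


def build_sample_zip():
    """Constructed sample: one regular file and one symlink entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "constructed sample\n")
        link = zipfile.ZipInfo("recovery.key")
        link.create_system = 3  # mark the entry as Unix-created
        link.external_attr = (stat.S_IFLNK | 0o777) << 16
        zf.writestr(link, "/placeholder/outside/target")  # placeholder target
    return buf.getvalue()


if __name__ == "__main__":
    for name, target in find_symlink_entries(build_sample_zip()):
        print(f"symlink entry {name!r} -> {target!r}")
```

An archive that reports any symlink entry deserves a closer look before its extracted contents are uploaded anywhere.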