Chrome users data is at risk says a cyber security firm

Key Takeaways:

• The data of over 2.5 billion users are allegedly exposed by a bug in Google Chrome and Chromium-based browsers, according to a recent cyber security firm.
• According to a warning from Imperva Red, an attacker might make a fake website pretending to offer a crypto wallet service.

Netizens from all over the world use the web browser Google Chrome. A recent cyber security company claims to have found a bug in Google Chrome and Chromium-based browsers that exposes the data of over 2.5 billion users.

‘CVE-2022-365’ is a vulnerability that allows the theft of sensitive files like crypto wallets and cloud provider credentials, according to a blog post by the cyber security company Imperva Red.

A “Symlink” file, which points to another file or directory, is the type of file the blog refers to. Additionally, this file enables the operating system to handle the linked file or directory as if it were its actual location.

According to the blog, these symlinks can introduce vulnerabilities if not handled properly. Because the browser did not check to see if the symlink was pointing at a place that was not intended to be accessible, private information could have been stolen.

According to a warning from Imperva Red, an attacker might create a fake website pretending to provide a crypto wallet service. By requesting that they download “recovery keys,” this fake website can trick users into creating new wallets.

According to the blog, the keys are simply a zip file containing a symlink to a private file or folder on the user’s computer. The website may be created to look trustworthy, and the uploading and downloading of the “recovery keys” may appear to be a normal process.

Many cryptocurrency wallets and other services typically require users to download recovery keys to access their accounts. These keys serve as a backup if the user loses account access. However, an attacker can abuse this by providing the user with a zip file that contains a symlink rather than actual recovery keys. If uploaded, the attacker can use the symlink to access private files on the user’s computer.

Since these digital assets can be precious, the hackers specifically target people and companies that hold cryptocurrencies. The blog advises against downloading files from nefarious sources and keeping software updated.