Google Chrome is a popular web browser used by billions of people worldwide. In a grim episode of security breach, Imperva Red – a cyber security firm has detected a flaw in Google Chrome and Chromium-based browsers, risking data of over 2.5 billion users. Dubbed CVE-2022-3656, this vulnerability allowed for the theft of sensitive files, such as crypto wallets and cloud provider credentials, the firm says.
“The vulnerability was discovered through a review of the ways the browser interacts with the file system, specifically looking for common vulnerabilities related to the way browsers process symlinks,” the blog reads.
Imperva Red defines symlink or a symbolic link as a type of file that points to another file or directory. It allows the operating system to treat the linked file or directory as if it were at the symlink’s location. A symlink, it says, can be useful for creating shortcuts, redirecting file paths, or organising files in a more flexible way. However, such links can also be used to introduce vulnerabilities if they are not handled properly.
In Google Chrome’s case, the issue arose from the way the browser interacted with symlinks when processing files and directories. To be specific, the browser did not properly check if the symlink was pointing to a location that was not intended to be accessible, which allowed for the theft of sensitive files, the blog post states.
Explaining how the vulnerability impacted Google Chrome, the firm says that an attacker could create a fake website that offers a new crypto wallet service. The website could trick the user into creating a new wallet by requesting that they download their ‘recovery’ keys.
“These keys would actually be a zip file containing a symlink to a sensitive file or folder on the user’s computer, such as a cloud provider credential. When the user unzips and uploads the ‘recovery’ keys back to the website, the symlink would be processed and the attacker would gain access to the sensitive file,” the blog states. Imperva Red says that it notified Google of the vulnerability and the issue was fully resolved in Chrome 108. It is advisable for users to always keep their software up to date in order to protect against such vulnerabilities.