Google Chrome security flaw hits 2 billion browser users, posing threat of widespread data theft

Written By DNA Web Team | Updated: Jan 14, 2023, 11:24 PM IST

Google Chrome and Chromium-based browsers were vulnerable to stealing billions of users' data.

Google Chrome and Chromium-based browsers were vulnerable to stealing billions of users' data.

Google Chrome is vulnerable to a new security flaw, which affects more than 2 billion users. Imperva Red, a cyber security outfit, has revealed a critical flaw in Google Chrome and other Chromium-based browsers; the flaw has been given the name CVE-2022-3656. Due to the security breach, private information like bitcoin wallets and passwords might be stolen.

According to the cybersecurity firm (Imperva Red), the flaw was uncovered via an examination of the browser's interaction with the file system, in particular the search for vulnerabilities associated with symlink processing.

Symlinks, also known as symbiotic links, are files that point to another file. The Imperva team outlined how symlinks provide similar risks. That's how Chrome browsers were compromised by this flaw.

The cyber security research team described a possible attack scenario in which the attacker would generate a false cryptocurrency wallet and the website would then prompt visitors to obtain their recovery keys. You will get a symlink instead of a regular file when you download this. Your cloud service provider's login information may be stored in this file. The worst thing is that people won't even know their private information has been leaked.

Also, READ: Amazon Prime Lite under testing in India, subscription to start from Rs 999: Report

Chrome users may shield themselves from the browser's security flaws. The investigation group reported that the problem was not entirely fixed by the first bug patch introduced in Chrome 107. But with Chrome 108, they fixed it completely. Thus, it is recommended to always run the most recent software versions to safeguard against security flaws.