New Delhi: Gone are the days when you have to physically visit the place to seek any information about anything and the place. Now each and every piece of information is available on Google. Along with the growing acceptance, data threat risk is also growing. As we know that billions of users throughout the world use the well-known web browser Google Chrome. Imperva Red, a cyber security company, has discovered a vulnerability in Google Chrome and Chromium-based browsers, putting the data of over 2.5 billion users at risk.
According to the company, a vulnerability known as CVE-2022-3656 allows for the theft of private information like cloud provider logins and crypto wallets. The vulnerability was found during an assessment of how the browser interacts with the file system, primarily searching for widespread flaws relating to how browsers handle symlinks, according to the blog. (Also Read: BAD NEWS for Loan borrowers! SBI hikes lending rates by up to 10 bps– Check new rates here)
A symbolic link is a sort of file that points to another file or directory, according to Imperva Red. The linked file or directory can then be treated by the operating system as though it were present where the symlink is. It claims that a symlink can be helpful for making shortcuts, changing file paths, or more flexible file organisation. (Also Read: Tips and Tricks: Follow THESE 5 techniques to SAVE income tax)
If they are not managed appropriately, these linkages could likewise be utilised to expose vulnerabilities.
The company explains how the flaw affected Google Chrome by saying that a hacker might make a false website that promotes a fresh crypto wallet service. By asking them to download their “recovery” keys, the website might then deceive the user into creating a new wallet.