Chromium browser vulnerability puts confidential data at risk
In their new tactics, hackers are now targeting people and organisations that own cryptocurrencies, as these digital assets can be extremely valuable. One common tactic hackers use to exploit software vulnerabilities, gain access to crypto wallets and steal the funds they contain.
There are details of a now-fixed vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, would allow files containing confidential information to be deleted.
The problem was caused by how the browser interacted with symbolic links when dealing with files and folders. The browser did not accurately verify that the symbolic link leads to a location where it was not intended to be used, which allows the theft of sensitive files.
Google described the problem as insufficient file system data validation and issued fixes in versions 107 and 108, released in October and November 2022.
SymStealer is a type-binding vulnerability at its core. The exposure known as symlink has tracking that occurs when an attacker abuses the feature to bypass a program's file system restrictions to work with unauthorised files.
A deeper analysis of Chrome's file processing mechanism and Chromium, by extension, found that when a user dragged a folder directly onto a file input element, the browser resolved all symlinks recursively without warning.
In a hypothetical attack, they trick a victim into visiting fake websites and downloading a valuable file or folder in a computer's ZIP archive containing symbols such as wallet keys and user data. In this situation, the victim may not even realize they have been scammed. Many cryptocurrency wallets or other online services require users to download recovery keys as a backup in case they lose access to their account, perhaps because they forgot their account.
Masas created a proof-of-concept attack using CSS to manipulate the browser's file input element. By expanding the file input element, he ensured that all files that landed on the page were loaded, which allowed him to exploit a symlinking vulnerability to filter files.
If you use Chrome or a Chromium-based browser like Microsoft Edge, it's important to keep them updated and be even more careful when uploading files. Users can also consider using a hardware wallet to store crypto assets and improve the security of their credentials by using password managers or multi-factor authentication (MFA).