A vulnerability in Google Chrome browser may allow hackers to steal sensitive files such as cryptocurrency wallets

2023-01-13 10:33:09

Collection

ChainCatcher news, security company Imperva has revealed a Chrome browser security vulnerability named CVE-2022-3656, which has affected over 2.5 billion users and allows the theft of sensitive files, including cryptocurrency wallets and cloud service provider certificates.

In this case, attackers may create a fake website offering a new cryptocurrency wallet service, which can trick users into creating a new wallet by asking them to download their "recovery" keys. These keys are actually a zip file containing symbolic links to sensitive files or folders on the user's computer. When the user unzips and uploads the "recovery" keys back to the website, the symbolic links will be processed, giving the attacker access to the sensitive files. (Source link)

Related tags

Google vulnerability security

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.