
Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers. A successful exploit could have siphoned files containing sensitive data.
“The problem was due to the way browsers interacted with symbolic links when processing files and directories,” said Imperva researcher Ron Masas. “Sensitive files could be stolen because browsers did not properly check if they were pointing to locations that were not.”
Google characterized the medium-severity issue (CVE-2022-3656) as insufficient data validation in the file system. It was fixed in versions 107 and 108, released in October and November 2022.
The vulnerability, called SymStealer, belongs to a class of weakness known as symbolic link (aka symlink) following. It occurs when an attacker abuses symbolic links to bypass a program’s file system restrictions and operate on files they are not authorized to access.
Imperva’s analysis of Chrome’s file handling mechanism (and, by extension, Chromium’s) found that when a user drags and drops a folder directly onto a file input element, the browser recursively resolves all symbolic links without warning.
In a hypothetical attack, an attacker could trick a victim into visiting a fake website and downloading a ZIP archive file containing symbolic links to important files or folders on their computer, such as wallet keys or credentials.
When the same symlink file is uploaded back to the website as part of the infection chain (for example, a crypto wallet service asking users to upload a recovery key), the vulnerability can be exploited to reveal the actual file containing the key phrase, because the browser follows the symbolic link to it.
To add even more credibility, a proof of concept (PoC) devised by Imperva uses CSS tricks to resize the file input element so that the file upload is triggered no matter where the folder is dropped on the page, enabling information theft.
“Hackers are increasingly targeting individuals and organizations holding cryptocurrencies because these digital assets can be so valuable,” said Masas. “One common tactic used by hackers is to exploit software vulnerabilities […] in order to access crypto wallets and steal the funds contained therein.”