The only trustworthy information source available nowadays is Google. Along with acceptance, the chance of a data breach is increasing. Google Chrome is a well-liked web browser with billions of users worldwide.
A security vulnerability that affected over 2.5 billion users of Google Chrome and Chromium-based browsers has the potential to allow the theft of private data, such as cryptocurrency wallets and login credentials. A vulnerability found by the cyber security firm Imperva Red in Google Chrome and Chromium-based browsers put the data of over 2.5 billion people at risk.
The problem, according to cybersecurity company Imperva, was caused by how the browser interacted with the file system, notably by how it handled symlinks. Imperva added that the problem has been rectified.
The organization claims that the CVE-2022-3656 vulnerability makes it possible to steal confidential data, including login credentials for cloud service providers and bitcoin wallets. According to the sources, the error was discovered while examining how the browser interacts with the file system and specifically looking for widespread issues with how browsers handle symlinks.
A symbolic link, according to Imperva Red, is a sort of file that directs users to another file or directory. The linked file or directory can then be treated by the operating system as if it were physically present where the symlink is. This means that a symlink can help make shortcuts, change file paths, or more easily organize files. If not managed properly, these linkages may also be utilized to expose vulnerabilities.
The company claims that to demonstrate how the problem affected Google Chrome, a hacker might develop a false website that promotes a brand-new bitcoin wallet service. Once the user has downloaded their “recovery” keys, the website can deceive them into creating a new wallet.
