A ‘CYBER GAP’ has been spotted by experts in Google Chrome, which affects over 2.5billion users.
Google Chrome users have been urged to check their settings immediately to make sure they are protected against the vulnerability.
Cybersecurity experts at Imperva found a vulnerability within Google Chrome which lets hackers steal sensitive data through symbolic links, also known as symlinks.
Symlinks can take users directly to a file, simply by clicking on a link.
Google Chrome will usually alert users when a link is risky.
But the ‘cyber gap’ means that the browser does not properly check if the symlink was pointing to a location that was not intended to be accessible, which allowed for the theft of sensitive files, the cybersecurity company warned.
Impreva raised concerns with Google, which then swiftly patched up the hole on the newest version of the browser – Chrome 108.
Users must make sure their they have updated their browser to Chrome 108 to avoid falling victim to these symlink attacks.
Ron Masas, a researcher at Imperva, said: “An attacker could create a fake website that offers a new crypto wallet service.
“The website could trick the user into creating a new wallet by requesting that they download their ‘recovery’ keys.
“These keys would actually be a zip file containing a symlink to a sensitive file or folder on the user’s computer, such as a cloud provider credential.
“When the user unzips and uploads the ‘recovery’ keys back to the website, the symlink would be processed and the attacker would gain access to the sensitive file.
“The user may not even realize that anything is amiss, as the website could be designed to look legitimate and the process of downloading and uploading the “recovery” keys could appear normal.”
Table of Contents
How to protect yourself against crypto theft
Hackers are increasingly targeting people who own cryptocurrencies, Masas explained.
“To protect your crypto assets, it is important to keep your software up to date and avoid downloading files or clicking on links from untrusted sources,” he said.
“It is also a good idea to use a hardware wallet to store your cryptocurrencies, as these devices are not connected to the internet and are therefore less vulnerable to hacking attempts.”
Masas has also advised crypto holders to consider using a password manager to generate strong, unique passwords for crypto accounts.
Enabling two-factor authentication whenever possible is also a good move.
“By taking these precautions, you can reduce the risk of your crypto being stolen by hackers,” he said.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
Get all the latest WhatsApp, Instagram, Facebook and other tech gadget stories here.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at email@example.com
Click Here For More Tech News