430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Hacking

Google Chrome users are vulnerable to sensitive data theft

Security experts at Identity Finder demonstrated that Google Chrome users are vulnerable to sensitive Data Theft because the browser stores it unencrypted. Google Chrome is today the most diffused web browser, nearly 39% of internet users have chosen it according the data proposed by StatCounter. The reason of the success behind Google Chrome is its efficiency […]

Google Chrome users are vulnerable to sensitive data theft

Security experts at Identity Finder demonstrated that Google Chrome users are vulnerable to sensitive Data Theft because the browser stores it unencrypted.

Google Chrome is today the most diffused web browser, nearly 39% of internet users have chosen it according the data proposed by StatCounter. The reason of the success behind Google Chrome is its efficiency and simplicity of use, but what can we say about the security? How Google Chrome manage and protect users’ data?

Google Chrome stats

Security experts at Identity Finder published an interesting blog post to highlight a series of security flaws in Google Chrome that could allow an attacker to steal personal data archived in the history files.

Experts at Identity Finder demonstrated different  methods to access personal data from the History Provider Cache in Google Chrome using their Sensitive Data Manager application, even if those data has been submitted through a secure website.

The purpose of the post is to inform Google Chrome that their browser stores sensitive data unencrypted with obvious risks.

The flaws exploitable in Google Chrome are related to SQLite and protocol buffers, used by the popular browser as storage for user’s personal data including names, email, phone numbers, bank details, credit card and social security numbers.

Google Chrome stats Sensitive Data

“Despite employees having entered this information on secure websites, Chrome saved copies of this data in the History Provider Cache. Other SQLite databases of interest include “Web Data” and “History.”  On Windows machines, these files are located at

"%localappdata%\Google\Chrome\User Data\Default\.” 

The attacker needs to have a physical access to the user’s machine, the same results could be obtained if a malicious code is specifically written to exploit well known vulnerability in Google Chrome.

“Chrome browser data is unprotected, and can be read by anyone with physical access to the hard drive, access to the file system, or simple malware,” noted the researchers. “There are dozens of well-known exploits to access payload data and locally stored files.”

Earlier this year, software designer Elliott Kember revealed how to expose users’ passwords saved by Google Chrome simply visiting viewing Chrome’s settings stored under the path chrome/settings/passwords in plain text.

Identity Finder security experts have provided the following Infograph to sensibilize Google Chrome users on the risks of exposure for their data.

Gogole Chrome Infograph

Identity Finder has notified Google of the risk related to the exploit of the flaw, but have not yet received responses. Waiting for Google reply the experts provided the following suggestions:

“Anytime you enter a credit card number or other PII into a form, be sure to “Clear saved Autofill form data”, “Empty the cache”, and “Clear browsing history” from the past hour and the information you typed will be erased. Alternatively, disabling Autofill or using Incognito mode will protect form data.”

Pierluigi Paganini

(Security Affairs –  Google Chrome, privacy)