Skip to content
Crypto Birb
Crypto Birb

Your Crypto & Blockchain Encyclopedia

  • HOME
  • Crypto News Live (English)
  • BLOG POST
  • BLOGS IN HINDI
  • Web Stories
  • Crypto Tools
  • Our Services
  • CONTACT US
Crypto Birb

Your Crypto & Blockchain Encyclopedia

crome security
January 15, 2023January 15, 2023

Google chrome security vulnerability detected could lead to crypto wallet stealing

Sharing is caring!

  • Facebook
  • Twitter
  • LinkedIn

Many crypto wallets and online services require users to download recovery keys in order to login to accounts. These keys serve as a backup in the event that the user is unable to access the account due to any reason. An attacker can take advantage by providing the victim with a zip file that contains one of these symlinks instead of the actual keys for recovery.

Google Chrome is a web browser that is used by internet users from across the globe. A new cyber security company claims to have found vulnerabilities in Google Chrome and Chromium-based browsers that puts the data of more than 2.5 billion people at danger.

In its blog in which the cyber security company called Imperva Red has disclosed that the vulnerability is referred to CVE-2022-365, which permits loss of sensitive data such as cloud wallets, crypto wallets, and provider credentials.

The blog refers to an type of file called “Symlink,” that points to a directory or another file. The Symlink file also permits an operating system recognize the directory or file linked in the same way as if it were its original location.

The blog mentions that links can be vulnerable when they are not managed properly. The browser was not able to determine whether the symlink was directed to a destination that wasn’t intended to have access rights, which could have led to access to sensitive data.

Imperva Red has warned that an attacker may create fake websites that pretend to provide the service of a crypto wallet. The fake website could trick users to create new wallets under the pretense of requesting download “recovery keys”.

The blog claims that, according to keys are nothing more than the contents of a zip file that includes symlinks to the folder or file that is sensitive on the computer of the user. The site could be designed in an approach that appears authentic and the procedure to upload and download “recovery keys” could appear normal.

Many crypto wallets and other services generally require clients to download keys to recover in order to access their accounts. They can be used as backups in the event the user loses access to their account. However, attackers can abuse this method by giving an unzip file that contains an symlink for the user instead of actual recovery key. If it is uploaded the attacker could gain access to the private files on the computer of the user through processing the symbol.


The hackers target people and organizations that hold cryptocurrency as these digital assets are highly valuable. The blog recommends keeping your software up-to-date and avoid downloading files from dangerous sources.

Sharing is caring!

  • Facebook
  • Twitter
  • LinkedIn
CRYPTO NEWS

Post navigation

Previous post
Next post

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Posts

  • G-7 Takes Aim at Crypto Regulations: Tougher Rules Ahead ?
    CRYPTO NEWS Crypto Regulations

    G-7 Takes Aim at Crypto Regulations: Tougher Rules Ahead ?

    April 2, 2023
  • The Looming Social Security Crisis: Is Your Retirement Safe?
    Alert CRYPTO NEWS

    The Looming Social Security Crisis: Is Your Retirement Safe?

    April 2, 2023
  • Bank Runs and Bitcoin: A Look at History, Risks, and Solutions
    CRYPTO NEWS

    Bank Runs and Bitcoin: A Look at History, Risks, and Solutions

    April 1, 2023
  • Crypto under Fire: How the US Government’s Actions are Impacting the Industry
    Uncategorized

    Crypto under Fire: How the US Government’s Actions are Impacting the Industry

    April 1, 2023
  • 7 Best Ways to Earn Free Cryptocurrency in 2023
    CRYPTO NEWS Technology

    7 Best Ways to Earn Free Cryptocurrency in 2023

    March 19, 2023
  • Breaking News: RBI and UAE Central Bank Sign MoU to Revolutionize Financial Innovation(CDBC)
    Alert CRYPTO NEWS

    Breaking News: RBI and UAE Central Bank Sign MoU to Revolutionize Financial Innovation(CDBC)

    March 19, 2023
  • BlackRock explores tokenization of stocks
    CRYPTO NEWS

    BlackRock explores tokenization of stocks

    March 19, 2023
  • How Whales Move $1 Billion Worth of USDT Off Crypto Exchanges in Just Days
    Alert CRYPTO NEWS Why Crypto down today

    How Whales Move $1 Billion Worth of USDT Off Crypto Exchanges in Just Days

    March 16, 2023
  • We are thrilled to announce that Uniswap has expanded its exchange services to the Binance Smart Chain!
    CRYPTO NEWS Technology

    We are thrilled to announce that Uniswap has expanded its exchange services to the Binance Smart Chain!

    March 16, 2023
  • India Takes Firm Action Against Cryptocurrency Crimes Under PMLA Regulations
    CRYPTO NEWS

    India Takes Firm Action Against Cryptocurrency Crimes Under PMLA Regulations

    March 15, 2023

Recent Comments

  1. Ahmed Uphaus on अल सल्वाडोर का सकल घरेलू उत्पाद अपने इतिहास में पहली बार दो अंकों से बढ़ गया – राष्ट्रपति बिटकॉइन से संबंधित प्रौद्योगिकियों पर अधिक ध्यान केंद्रित किया है
  2. Seymour Santini on Crypto Meaning in Hindi
  3. admin on The Metaverse is Expanding and Merging The Science Fiction Elements Into Virtual Reality!
  4. Abdul Razzaq on The Metaverse is Expanding and Merging The Science Fiction Elements Into Virtual Reality!
  5. Indu vashish on What is Play To Earn Game Token?

Archives

  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021

©2023 Crypto Birb | WordPress Theme by SuperbThemes