Google Chrome Bug Can Lead to Windows Credential Theft
Date Published: May 18, 2017
• Google Chrome
• Credential Theft
An issue with the manner in which Google Chrome and Windows handle specific file types can lead to credential theft even on up-to-date systems, a DefenseCode researcher has discovered.
While previous research on the leak of authentication credentials using Windows’ Server Message Block file sharing protocol focused only on attacks involving Internet Explorer and Edge, DefenseCode’s Bosko Stankovic discovered that even the most popular browser out there can be used as an attack vector.
In a paper titled Stealing Windows Credentials Using Google Chrome, Stankovic explains that the attack abuses Chrome’s default configuration, where the browser automatically downloads files that it deems safe. What’s more, it doesn’t even prompt the user for a download location, but uses the preset one instead.
What this means is that the browser could download malicious files that it deems safe and save them to disk without the user’s knowledge. While most files would require some sort of user interaction to perform malicious operations on the system, there are file types that don’t, and an attacker could exploit these to compromise even systems with the latest patches installed.
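For defenders who want to know which Chrome profiles still save downloads silently, the following added example (not from the article or the DefenseCode paper) audits each profile's `Preferences` JSON file. It assumes the download settings are stored under the `download.prompt_for_download` and `download.default_directory` keys, which the article does not name; the profiles in `demo()` are constructed sample data.

```python
import json
import tempfile
from pathlib import Path

def audit_profile(prefs_path):
    """Classify one profile's Preferences file by its download behaviour."""
    finding = {"profile": prefs_path.parent.name, "status": "unreadable",
               "download_dir": None}
    try:
        prefs = json.loads(prefs_path.read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return finding  # missing, locked or corrupt file: report, don't guess
    download = prefs.get("download") if isinstance(prefs, dict) else None
    if not isinstance(download, dict):
        download = {}
    # Assumed key names. An absent key means the default applies: save silently.
    prompts = download.get("prompt_for_download") is True
    finding["status"] = "prompts" if prompts else "silent"
    finding["download_dir"] = download.get("default_directory")
    return finding

def audit_user_data(user_data_dir):
    """Audit every profile directory under a Chrome 'User Data' folder."""
    paths = sorted(Path(user_data_dir).glob("*/Preferences"))
    return [audit_profile(p) for p in paths]

def demo():
    """Run the audit over constructed sample profiles in a temp directory."""
    samples = {
        "Default": "{}",  # untouched profile, default behaviour
        "Profile 1": json.dumps({"download": {"prompt_for_download": True}}),
        "Profile 2": json.dumps({"download": {
            "prompt_for_download": False,
            "default_directory": "C:\\Users\\example\\Downloads"}}),
        "Profile 3": "{not json",  # corrupt file
    }
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            profile = Path(root) / name
            profile.mkdir()
            (profile / "Preferences").write_text(body, encoding="utf-8")
        return audit_user_data(root)

if __name__ == "__main__":
    for f in demo():
        print(f"{f['profile']:<10} {f['status']:<10} {f['download_dir'] or '-'}")
```

Profiles reported as `silent` are the ones where a file the browser deems safe lands on disk without a prompt; pointing `audit_user_data` at a real Chrome user data directory gives the same report for live profiles.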