Google Chrome Zero-Day Lets Hackers Harvest User Data

A zero-day vulnerability in Google Chrome allows hackers to harvest personal data using nothing else than malicious PDF documents loaded in the browser.

Discovered by EdgeSpot, the security flaw is already being exploited in the wild and an official fix would only be released by Google in late April.

The PDF documents do not appear to leak any personal information when opened in dedicated PDF readers like Adobe Reader. However, it seems the malicious code specifically targets a vulnerability in Google Chrome, as opening them in the browser triggers outbound traffic to one of two different domains called burpcollaborator.net and readnotify.com.

The exposed data includes the IP address of the device, the operating system and Google Chrome versions, as well as the path of the PDF file on the local drives.

Interestingly, the malicious PDF documents aren’t detected as potentially… (read more)

Source link

Remember to like our facebook and our twitter @geekchrome for a chance to win a free android tablet every month!

Quick Links: Download Chrome GamesTop 5 Dress Up Games For Girls On Chrome | Top 5 iTunes Alternatives On Chromebook | Best Photoshop Alternatives On Chromebook | Download Google Chrome Apps

Juniya

Juniya

A web developer, programmer, ubuntu and chrome os supporter. I also love comic books and I enjoy researching history facts, kind of weird right? My role on Chromegeek.com is to make sure everything works 24/7.