Makerere University

Enter a keyword or two into the search box above and click search..

Chrome vulnerability can allow attackers to steal user credentials

You are here

Google Chrome may not be as safe as it was thought to be. Recently, a security engineer, Bosko Stankovic, found a vulnerability in Google Chrome that hackers can easily exploit to get a user’s credentials such as their username and password and potentially launch SMB relay attacks. It must be noted that WannaCry ransomware attack also exploits an SMB vulnerability present in the outdated version of Windows operating systems.

What is the vulnerability?

Apparently, the vulnerability is in Google Chrome’s configuration, as claimed by Stankovic who works as a security expert at DefenseCode. He found the flaw in the latest version of Chrome installed on an updated version of Windows 10.

How can the vulnerability be exploited?

According to Stankovic, the vulnerability lets the attacker steal a user’s username and the hashed version of their password by simply tricking the victim to click a specific link created by the attacker. The attacker can then use the credentials to access a user’s email and any other network that uses the victim’s credentials to allow access.

Read more fromt the source