Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
A vulnerability known as CVE-2022-3656 affects more than 2.5 billion users of Google Chrome and Chromium-engine-based browsers. This vulnerability allows the theft of sensitive files such as encrypted wallets and cloud provider files. The vulnerability was discovered by examining how the browser interacts with the file system. Specifically, the browser did not properly check whether a symlink pointed to an inaccessible location, allowing sensitive files to be stolen. This problem is often referred to as symbolic link following. Attackers may use encrypted phishing sites to strategically gain access to users' sensitive files.

Attack method (per SlowMist): Browser Vulnerability.
Reported loss: -.
- chain: —
- protocol: Google Chrome
- bug_class: phishing
- date_occurred: 2023-01-11
- loss_usd: —
- source_id: sm:google-chrome::2023-01-11