Web extensions to become a new attack vector

Powered by SC Magazine
 

Google Chrome, now less shiny.

A penetration tester has exploted a hole in Google Chrome that granted unauthorised access to gmail accounts.

WhiteHat Security researcher Matt Johansen identified the vulnerability in a Chrome OS note-taking application.

He disclosed the hole to Google which patched it and gave him US$1000 as part of its Chromium security initiative.

Caesar Sengupta

Johansen told Reuters he intercepted data travelling between a Chrome browser extension and the Google cloud.

"I can get at your online banking or your Facebook profile or your email as it is being loaded in the browser," he said.

Google has not yet revealed details of the security hole which Johansen plans to release at the Black Hat conference in Las Vegas this year.

Google extensions, written by third party software developers, were a ripe target for attack because they were granted more privileged access rights to Google cloud data than what the browser offered to web sites.

WhiteHat security detailed in a 2007 research paper (pdf) a series of web application security vulnerabilities that could also be used to attack web browser extensions in Chrome and Mozilla FireFox.

The attack on Google extensions was different to typical exploits that target data residing on hard drives.

"If I can exploit some kind of web application to access that data, then I couldn't care less what is on the hard drive," he said.

But Johansen had since discovered other applications with the same security flaw.

"This is just the tip of the iceberg ... We can see this becoming a whole new field" for malware attacks, he said.

Chrome OS director Caesar Sengupta said there are "significant benefits to security" by storing apps within the browser.

"Unlike traditional operating systems, Chrome OS doesn't trust the applications you run. Each app is contained within a security sandbox making it harder for malware and viruses to infect your computer."

"Furthermore, Chrome OS barely trusts itself. Every time you restart your computer the operating system verifies the integrity of its code. If your system has been compromised, it is designed to fix itself with a reboot.

"While no computer can be made completely secure, we're going to make life much harder and less profitable for the bad guys."

Copyright © SC Magazine, Australia


Web extensions to become a new attack vector
 
 
 
Top Stories
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
 
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
 
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1125

Vote