Web extensions to become a new attack vector

Powered by SC Magazine
 

Google Chrome, now less shiny.

A penetration tester has exploted a hole in Google Chrome that granted unauthorised access to gmail accounts.

WhiteHat Security researcher Matt Johansen identified the vulnerability in a Chrome OS note-taking application.

He disclosed the hole to Google which patched it and gave him US$1000 as part of its Chromium security initiative.

Caesar Sengupta

Johansen told Reuters he intercepted data travelling between a Chrome browser extension and the Google cloud.

"I can get at your online banking or your Facebook profile or your email as it is being loaded in the browser," he said.

Google has not yet revealed details of the security hole which Johansen plans to release at the Black Hat conference in Las Vegas this year.

Google extensions, written by third party software developers, were a ripe target for attack because they were granted more privileged access rights to Google cloud data than what the browser offered to web sites.

WhiteHat security detailed in a 2007 research paper (pdf) a series of web application security vulnerabilities that could also be used to attack web browser extensions in Chrome and Mozilla FireFox.

The attack on Google extensions was different to typical exploits that target data residing on hard drives.

"If I can exploit some kind of web application to access that data, then I couldn't care less what is on the hard drive," he said.

But Johansen had since discovered other applications with the same security flaw.

"This is just the tip of the iceberg ... We can see this becoming a whole new field" for malware attacks, he said.

Chrome OS director Caesar Sengupta said there are "significant benefits to security" by storing apps within the browser.

"Unlike traditional operating systems, Chrome OS doesn't trust the applications you run. Each app is contained within a security sandbox making it harder for malware and viruses to infect your computer."

"Furthermore, Chrome OS barely trusts itself. Every time you restart your computer the operating system verifies the integrity of its code. If your system has been compromised, it is designed to fix itself with a reboot.

"While no computer can be made completely secure, we're going to make life much harder and less profitable for the bad guys."

Copyright © SC Magazine, Australia


Web extensions to become a new attack vector
 
 
 
Top Stories
CIO exits as Coles steps up offshoring
Updated: Engages Accenture in Manila; staff to learn of their fate today.
 
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  71%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 785

Vote