One of the most important handicaps for web browser developers in general is everything related to the security and privacy of their users. However, it is greatly magnified when we refer to a browser with this type of widespread and used around the world, such as Google Chrome.
That is why, the Google team for Chrome browser is now working in full speed to correct a newly detected error which facilitates attacks focused on theft of credentials. Here we are exclusively referring to the Windows version of this software. Specifically, this error is exploited if a user is “cheated” in some way when browsing the Web to click on a specific link. A Windows .SCF file is then downloaded which is actually the old shell format of the system shell.
With this they have achieved a way to change how Chrome and Windows itself will handle these types of files from that moment on. All this means that if a user clicks on that link, the malicious .SCF file is stored in the default downloads directory until the next time the user opens that folder, which is when security issues will start. Remember this is where the default Windows is, since the folder displayed will activate the malware when trying to recover the icon associated with the malicious .SCF file previously downloaded through Chrome.
In fact to recover the mentioned icon, the system presents its credentials to the server with our user ID and password, or where appropriate the credentials of the home network. Of course this implies that they will already be available to the attacker in question. According to experts in the subject, the SMB remote server created by the attacker will be ready to capture the user name and password of the victim to access other services on the computer remotely and thus, knowing this data is passed through the victim itself.
The good thing about all this is that Google is already made aware of this vulnerability that could jeopardize the privacy of its users, so it is already implementing a solution to end it as soon as possible. Yes, of course the firm knows the importance pertaining to the security of the data of its customers has at present, more in these days when WannaCry is affecting the systems.