Posted on April 30, 2022 at 11:12 AM
Google has issued a warning to billions of Google Chrome users. The warning by the technology company says that users have been targeted by hackers who are looking for ways they can exploit the 30 new security vulnerabilities.
Google warns Chrome users
The warning by Google says that seven of the new security holes detected on the platform were of “high” risk to users. The announcement by the company says that an update to patch the issue would be released over the coming days to solve the security vulnerabilities.
The detected vulnerability affects many devices, including Linux, MacOS and Windows. The hacker behind the exploitation is yet to be determined, and reports of whether any sensitive user details were compromised have not been shared.
A report by Forbes said that the company was currently working on preventing any additional hacks. This would be done “until a majority of users are revised with a fix.” The company added that it would have limits in place if the vulnerability is located in a third-party library where other projects are reliant upon and where fixes are yet to be implemented.
“Use After Free (UAF) attacks continue to be the best path for cracking Chrome. 11 of the 30 new Chrome vulnerabilities are via UAF (a memory exploit). This method of attack has now breached Chrome security over 65 times in 2022,” the report added.
It will be possible for users to update their browsers manually through the settings menu. However, Chrome is planning to automate this system in the coming days. There has been an increase in the number of hacking attempts made in Chrome and other browsers. Several tech companies have revealed similar attacks.
Increased attacks on tech companies
Big tech companies have been working together to combat the rising threat of hacking attacks. While these companies provide regular updates and patches, due diligence from users is also necessary. Whenever patches are launched, users must be proactive and implement the patches before a hacker exploits the vulnerability.
One of the leading global brands targeted by a hacking attack was Coca-Cola. The multinational giant was the victim of a hacking attack by a Russian threat actor group. The group is currently selling the information obtained during the breach. Such attacks have revealed that online passwords are not as secure as previously.
A recent study said a high vulnerability to the passwords stored on online passwords. The strength of the passwords is also not an issue that can prevent an attacker from gaining access. Passwords with six characters or more and inclusive of numbers and symbols can also be breached in an instance.
However, the length and the combination of the characters in a password can also prevent attacks. Passwords with 18 characters, including digits, upper case and lower case letters, tend to be impossible to breach. Such passwords cannot be breached for trillions of years.
One of the primary reasons hackers target large companies to steal customer data is to demand ransomware payments. Large corporations with sensitive data that could damage their brands usually pay these ransoms if they cannot retrieve the data. However, some hackers also demand ransom payments from the users whose information has been compromised.
In cases where the companies or targeted individuals fail to pay the ransom, the hackers usually sell the data on the dark web. Such data is usually purchased by other threat actors who might want to use it to launch a wide range of other attacks.
For instance, details such as banking information, login details, and personal information could be used to conduct phishing attacks. Phishing attacks are usually used to compromise sensitive details, and they could lead to the users suffering immense financial losses.
Hackers usually exploit vulnerabilities that are yet to be detected or those yet to be patched. Therefore, it is always advisable that internet users use the best internet practices to ensure they do not fall victim to such attacks. One of the ways to do this is by implementing patches whenever they are issued.
In cases where patches or upgrades have not been given, internet users must adopt safe practices such as having strong passwords. Due to the increased targeting of online passwords, it is important to adopt such safe practices to keep people safe despite patches being late in being approved.