A PDF in Chrome can steal your data

Who I am
Aina Martin
@ainamartin

Un document in PDF format it could cause serious damage to your computer, particularly if the file is opened via the browser Google Chrome. The vulnerability, discovered by computer security company EdgeSpot, would be exploited by hackers to steal data on mobile and fixed devices.

But be careful: the threat only emerges if the file is viewed through the browser, while the PDF documents opened with Adobe Reader they are completely safe. The bug exploits the network to send a series of sensitive information to two dangerous domains, already identified by the Mountain View company. Between data stolen from the malicious PDF there would also be the IP address of the victim. Unfortunately, the threat is impossible to block because the antivirus normally installed on computers cannot recognize it. As a result, many users are unaware that they have been attacked.



How malicious PDF files work on Chrome

The threat is one of the so-called zero-day vulnerabilities, a type of vulnerability characterized by characteristics little known to the company that produced the computer system. In fact, currently Google has not yet fully understood the cause of the problem and is testing different solutions to fix it. At the same time, action dynamics are well known: it all starts when a user opens a malicious PDF file via the Chrome. At this point, the virus would exploit the browser to activate itself and steal the data on the computer. The forged file would immediately send a series of sensitive information to one of two dangerous domains, readnotify.com and burpcollaborator.net. Among the stolen data stand out the IP address of the victim, but also the path of the PDF on the computer and the version of Chrome used to open the document.



The company has already taken steps to solve the problem and make life difficult at these addresses.


Here comes the solution from Google

The vulnerability was reported to Google on December 26, 2018. On February 14, the Company assured that by the spring the problem will be solved. In fact, the 23th April the release of theChrome update to version 74, which will also include a pacth for eliminating bugs related to malicious PDF files. Meantime, Google wanted to inform its users of the danger. The company invites people to do not open PDF files via the Chrome viewer, at least until the release of the new version of the browser.


A PDF in Chrome can steal your data

Audio Video A PDF in Chrome can steal your data
add a comment of A PDF in Chrome can steal your data
Comment sent successfully! We will review it in the next few hours.