Sponsor for PC Pals Forum

Author Topic: Chrome extensions flaw allows password theft  (Read 1173 times)

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Chrome extensions flaw allows password theft
« on: July 12, 2010, 19:22 »
Extensions in Google Chrome are open to a password-stealing hack, according to a security researcher.

Because such third-party add-ons have access to the document object model (DOM) in the Chrome browser - a key API which manages information - it is possible to create an extension that can read form fields and gather passwords and logins, said Andreas Grech in a blog post.

Grech created a "simple" proof of concept plug-in that stripped such data from well-known web pages as the user logged in, and then emailed it back to him. The flaw works against sites including Gmail, Facebook and Twitter, the researcher claimed.

http://www.pcpro.co.uk/news/security/359362/chrome-extensions-flaw-allows-password-theft
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Chrome extensions flaw allows password theft
« Reply #1 on: July 13, 2010, 14:27 »
eventually all things get hacked.
- sam | @starrydude --


Show unread posts since last visit.
Sponsor for PC Pals Forum