DBSA:2014-0010

From Digibase Knowledge Base
Revision as of 22:45, 29 April 2014 by Kradorex Xeron (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Disclaimer: as technology changes, advisories may become out of date or may no longer be relevant, please refer to the "Date" section of the header to be sure the advisory is recent as pertains to your situation.

Digibase Security Advisory - Google Chrome Malware Synchronization

Keywords: Google, Chrome, Malware, Google Accounts, Synchronization, Sync

DBSA ID: 2014-0010

Regarding: Google Chrome Malware Synchronization

Writeup: Kradorex Xeron (talk) 22:31, 29 April 2014 (EDT)

Date: 2014 04 29

Last Modified: 20140429224553 by Kradorex Xeron

Who should take note: Google Chrome users

Classification

Priority: LOW

Rationale: Users should take note of this issue and be aware to adjust their usage of Chrome installations.

Severity: MODERATE

Rationale: This issue could result in multiple computers that deploy Chrome becoming infected with malware and permit for re-infection.

Spread of Issue: SINGLE-PLATFORM LOW

Rationale: Malware can utilize Chrome as a self-preservation methodology.

Description

Chrome is a web browser software package released by Google and is often placed in esteem for its ease of use and speed. Chrome has a mechanism whereas it can synchronize chrome settings, bookmarks, extensions and so forth to one's Google Account. Chrome has a potential vulnerability angle whereas malware may be in the form of a Chrome extension where the Chrome installation synchronizes the malware to Google's servers. Through this synchronization, any other chrome installations (thus computers) and/or profiles synchronized with that Google Account would then become infected by that malware when they download sync updates, even a freshly formatted and reinstalled computer.

Mitigation/Solution

Users are advised not to permit Chrome direct access to their Google Account for synchronization.

Those infected with malware who have Chrome installed and sync enabled are advised to disable sync before attempting disinfection, then log into their Google dashboard at http://google.com/dashboard and pursue deletion of Chrome data.

References

This was an internally researched item.