WSTale » Science » Hackers could spy on millions of Chrome users from outside their HOMES

Science

Hackers could spy on millions of Chrome users from outside their HOMES

Lottie Casas September 5, 2018

Drive-by hackers could be spying on millions of Chrome users from outside their HOMES

Drive-by hackers can spy on millions of Chrome users through their WEBCAMS experts claim, after finding a security glitch in the browser

  • According to UK cyber-security experts, hackers could attack entire streets 
  • They might be able to steal passwords and activate webcams in an attack
  • Experts reported the issue to Google earlier this year but was old that it was working fine
  • e-mail

14

View
comments

Drive-by hackers could be spying on millions of Chrome users through their webcams from outside their homes, experts claim.

According to UK cyber-security experts, hackers could attack entire streets due to a security glitch in the Google browser that is used by more than one billion people globally.

They could steal passwords and activate webcams in an attack dubbed ‘Wi-Jacking’ that takes little less than one minute to complete.

It is believed three million households in the UK could be exposed and thirty million globally. 

Scroll down for video


Drive-by hackers could be spying on millions of Chrome users from outside their homes, experts claim. The glitch affects people who have logged onto their router (stock image) as admin and saved details in their browser

Experts from London-based cyber-security consultancy Surecloud reported the issue to Google earlier this year but were told that it was working fine.

The investigation, which was led by Elliott Thompson, revealed that a weakness in Google Chrome could be exploited, exposing a huge number of Wi-Fi networks. 

The glitch affects people who have logged onto their router as admin and saved details in their browser. 

  • Seal steak with a side of seagrass: Scientists discover the… Older people slowdown in the winter: Cognitive skills of… Why flat Earthers and Holocaust-deniers won’t change their… Don’t try this at home! YouTuber pulverises his iPhone X in…
  • High speed solar winds smashing into satellites could cause…

Share this article

When credentials are saved within a browser they are tied to a URL and are automatically inserted, researchers wrote in a blog post. 

A hacker can use this to access the network without needing to crack the password to connect to the router.  

They could steal information and even implant malware, Mr Thompson claims.  


The glitch affects people who have logged onto their router as admin and saved details in their browser. It is believed three million households in the UK could be exposed and thirty million globally


When credentials are saved within a browser they are tied to a URL and are automatically inserted. A hacker can use this to access the network without needing to crack the password to connect to the router

‘The hacker would be able to join the WiFi network, access shared files, access ‘internet of things’ devices which trust the local network [and] view what websites everyone is visiting,’ he told Newsweek.

‘If those websites are unencrypted, the hacker could attempt to implant malware onto the device to steal passwords or access webcams from the computers on the network.’

During an attack, the only thing a target will see is a page pop up that looks like their Wi-fi router’s administrator menu.  

‘There are likely hundreds of millions of routers fitting these criteria in use’, Mr Thompson said.

Experts say that people who are worried about being hacked should clear their browser’s saved passwords and not allow automatic re-connection.  

A Google spokesperson told MailOnline; ‘Security is a core tenet of Chrome and we are committed to providing our users with a secure web experience.

‘We appreciate the security community for working with us to bring any concerns to our attention. We’ll study this closely and see if there are improvements to make.’

WHICH SMART HOUSEHOLD GADGETS ARE VULNERABLE TO CYBER ATTACKS?

From devices that order our groceries to smart toys that speak to our children, high-tech home gadgets are no longer the stuff of science fiction.

But even as they transform our lives, they put families at risk from criminal hackers taking advantage of security flaws to gain virtual access to homes.

A June 2017 Which? study tested whether popular smart gadgets and appliances, including wireless cameras, a smart padlock and a children’s Bluetooth toy, could stand up to a possible hack.

The survey of 15 devices found that eight were vulnerable to hacking via the internet, Wi-Fi or Bluetooth connections. 


Scary: Which? said ethical hackers broke into the CloudPets toy and made it play its own voice messages. They said any stranger could use the method to speak to children from outside

The test found that the Fredi Megapix home CCTV camera system operated over the internet using a default administrator account without a password, and Which? found thousands of similar cameras available for anyone to watch the live feed over the internet.

The watchdog said that a hacker could even pan and tilt the cameras to monitor activity in the house.

SureCloud hacked the CloudPets stuffed toy, which allows family and friends to send messages to a child via Bluetooth and made it play its own voice messages.

Which? said it contacted the manufacturers of eight affected products to alert them to flaws as part of the investigation, with the majority updating their software and security. 

 

Source: Read Full Article