Issue metadata
Sign in to add a comment
|
Security: VPN vulnerability
Reported by
dave07...@gmail.com,
Jun 25 2017
|
||||||||||||||||||
Issue descriptionVULNERABILITY DETAILS When a vpn extension is installed and enabled on google chrome, there is a possibility to display adds and redirect users to a fake version of chrome adds (affects Google.com, youtube.com, and opening new tabs), as well as has different spam pages show up after starting a download. VERSION Chrome Version: Version 58.0.3029.110 (64-bit) + stable Operating System: Windows 10 version 1703 (KB4022725) It may be a virus on my computer, however malwarebytes and bitdefender have not picked it up. URL that is redirected to is: https://chromeupdates.win/search.html Will occasionally try crash browser by causing infinite loop.
,
Jun 26 2017
No no, the extension was Betternet, which is a pretty well trusted extension. Other users have reported having a VPN (besides Betternet, but still well known like ultra surf, etc.) installed also causes the same malware type behavior. This leads me to believe that there is some vulnerability in Chrome's VPN implementation. I apologize that I can't provide a better way to recreate, but I am not sure how it happened, nor am I a white hat hacker to figure it out. If you want, I can provide a memory dump with this occurring though.
,
Oct 2 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||
Comment 1 by dominickn@chromium.org
, Jun 26 2017