Security researchers from EdgeSpot have discovered a vulnerability that affects all existing Chrome users. The researchers noticed a number of suspicious PDF files, in circulation since 2017, that can be used to collect traffic data. The “trackware” works only while a user views a PDF file in the web browser; once the infected file is closed, it stops working.
The data that is sent via Google Chrome includes IP addresses, browser build version, operating system information, and the PDF file’s location. The trackware discovered by EdgeSpot is very similar to an exploit discovered in April 2018 that was designed to steal NT LAN Manager data via Adobe and Foxit PDF readers. EdgeSpot discovered a different variant of the trackware in November, which has already been patched.
While the trackware affecting Chrome does not do anything dangerous, it could lead to the development of more dangerous malware distributed via PDF files. EdgeSpot revealed details of the recently discovered exploit before a patch was available in order to educate users about the potential risks the trackware carries.
According to the security researchers, Chrome users should download PDF files to their systems instead of viewing them in the web browser. Chrome for Android is unaffected by the trackware, as the browser can’t open PDF files natively and relies on third-party apps. Alternatively, users can head to Settings > Advanced > Content Settings > PDF documents and choose the “Download PDF files” option. This causes all PDF files to be downloaded automatically, which will negate all risks. The vulnerability has not been patched yet, and according to EdgeSpot, a fix may be deployed with Chrome 74 (April 23) next month.