Web browsers are constantly under attack for the treasure trove of user information they hold, such as passwords, credit card details, phone number and emails. Kaspersky has detected a zero day vulnerability in Google’s Chrome desktop browser, which was exploited to target a Korean language news portal. Dubbed as CVE-2019-13720, the vulnerability was reported to Google which on its part confirmed it and quickly released a patch 78.0.3904.87 for Windows, Mac, and Linux to fix it.
Zero day vulnerabilities refer to unidentified bugs in software/hardware which could be exploited by criminals to carry out a zero day attack. Kaspersky claims the vulnerability was exploited by unknown threat actors to carry out waterhole-style injection (an exploit where a specific website is attacked to target the users) in a Korean-language news portal.
Kaspersky has called the attacks Operation WizardOpium and have also found some remote similarities between their codes and the ones used by Lazarus Group in various attacks. However, they also point out that this could be a false flag.
In this case, the vulnerability tries to exploit the bug in Google Chrome browser and uses the malicious script to check if it is running on Chrome 65 or older versions. Kaspersky has cautioned Chrome users to update the browser to apply the patch.
With a user base of 57% (as per W3 counter as on Oct 2019) Chrome web browser is the leading web browser on desktops, which widens the attack base for hackers.