• User must allow a clipboard writing event to occur on web pages.
• The most recent live version of Google Chrome, version 104.
• It introduced a problem that could jeopardize your private data.

The most recent live version of Google Chrome, version 104, introduced a problem that could jeopardize your private data.

Normally, a user must allow a clipboard writing event; however, a defect discovered by security expert Jeff Johnson has removed this need.

Many of us copy and paste information from one area to another tens or hundreds of times every day, and some of this information may contain sensitive information such as phone numbers, addresses, passwords and login details, and even payment information.

Johnson is concerned that frauds based on this flaw might be exploited to trick users into copying their wallet address into the system clipboard on fraudulent cryptocurrency sites, putting their complete digital wallet at danger.

He adds that Google’s web browser isn’t the only one that employs such a mechanism; according to the same source, Safari and Firefox also “enable web pages to write to the system clipboard,” but they include gesture-based protections to add an extra layer of security.

Johnson summarizes the absence of effective measures for preserving system clipboards across all relevant web browsers.

[embedpost slug=”vulnerability-in-tiktok-app-could-have-allowed-accounts-to-be-hijacked/”]