- Apr 21, 2016
A security researcher managed to perform an impressive attack that allowed him to gather computer login credentials via Google Chrome and the SMB protocol.
While this type of exploit is not new, such attacks are usually limited to local area networks. Another thing that makes this particular attack noteworthy is the fact that there have been no publicly demonstrated SMB authentication-related attacks on browsers other than Internet Explorer and Edge in the past decade.
Serbian security researcher Bosko Stankovic of DefenseCode mixed together two different techniques: one taken from the Stuxnet operation, and another that was detailed back in 2015 at the Black Hat security conference. He put together the attack by focusing on SCF (Shell Command File) files, a format that supports a limited set of Windows Explorer commands.
These files are similar to LNK files, which retrieve an icon file when stored on disk. Following the Stuxnet attacks, Microsoft forced LNK files to load their icons only from local resources, so that they could no longer be abused to load malicious code. SCF files, however, were left alone.
Read more: Researcher Finds Way to Steal Windows Login Credentials via Chrome and SCF Files