There is a security flaw in the latest stable version of Google, Chrome 104 that might be used to steal your personal information.
A security expert, Jeff Johnson, discovered a problem that bypassed the need for user approval before a clipboard writing event could occur.
Many of us copy and paste information daily, and some of that information may contain personal details such as phone numbers, addresses, passwords, and login details, and even financial information.
Chrome 104 clipboard glitch
Johnson fears that scams based on this defect could lure users into copying their wallet address onto fake cryptocurrency sites, putting their entire digital wallet at risk.
Google’s web browser isn’t the only one to employ this approach; Safari and Firefox both “enable web pages to write to the system clipboard,” but they incorporate gesture-based restrictions.
Johnson summarises the lack of system clipboard protection in all web browsers.
The most popular user action is Ctrl+C (or Cmd+C for Mac users), but he found that hitting the down arrow key to browse across a website was enough.
You may see if you’re a victim by visiting a website. Webplatform.news may add to your clipboard when visited. Visit the site and paste whatever’s in your clipboard into a new Word document. If you view this, your browser is insecure:
This message is in your clipboard because you visited Web Platform News in a browser that enables it. Apologies. https://github.com/w3c/clipboard-apis/issues/182″
The Chrome team at Google is aware of the flaw and working on a solution.