Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Opera Browser. Show all posts
Opera Browser
API Browser Security Browser Vulnerability Cyber Attacks data security DNS Opera Browser

CrossBarking Exploit in Opera Browser Exposes Users to Extensive Risks

 

A new browser vulnerability called CrossBarking has been identified, affecting Opera users through “private” APIs that were meant only for select trusted sites. Browser APIs bridge websites with functionalities like storage, performance, and geolocation to enhance user experience. Most APIs are widely accessible and reviewed, but private ones are reserved for preferred applications. Researchers at Guardio found that these Opera-specific APIs were vulnerable to exploitation, especially if a malicious Chrome extension gained access. Guardio’s demonstration showed that once a hacker gained access to these private APIs through a Chrome extension — easily installable by Opera users — they could run powerful scripts in a user’s browser context. 
The malicious extension was initially disguised as a harmless tool, adding pictures of puppies to web pages. 

However, it also contained scripts capable of extensive interference with Opera settings. Guardio used this approach to hijack the settingsPrivate API, which allowed them to reroute a victim’s DNS settings through a malicious server, providing the attacker with extensive visibility into the user’s browsing activities. With control over the DNS settings, they could manipulate browser content and even redirect users to phishing pages, making the potential for misuse significant. Guardio emphasized that getting malicious extensions through Chrome’s review process is relatively easier than with Opera’s, which undergoes a more intensive manual review. 

The researchers, therefore, leveraged Chrome’s automated, less stringent review process to create a proof-of-concept attack on Opera users. CrossBarking’s implications go beyond Opera, underscoring the complex relationship between browser functionality and security. Opera took steps to mitigate this vulnerability by blocking scripts from running on private domains, a strategy that Chrome itself uses. However, they have retained the private APIs, acknowledging that managing security with third-party apps and maintaining functionality is a delicate balance. 

Opera’s decision to address the CrossBarking vulnerability by restricting script access to domains with private API access offers a practical, though partial, solution. This approach minimizes the risk of malicious code running within these domains, but it does not fully eliminate potential exposure. Guardio’s research emphasizes the need for Opera, and similar browsers, to reevaluate their approach to third-party extension compatibility and the risks associated with cross-browser API permissions.


This vulnerability also underscores a broader industry challenge: balancing user functionality with security. While private APIs are integral to offering customized features, they open potential entry points for attackers when not adequately protected. Opera’s reliance on responsible disclosure practices with cybersecurity firms is a step forward. However, ongoing vigilance and a proactive stance toward enhancing browser security are essential as threats continue to evolve, particularly in a landscape where third-party extensions can easily be overlooked as potential risks.


In response, Opera has collaborated closely with researchers and relies on responsible vulnerability disclosures from third-party security firms like Guardio to address any potential risks preemptively. Security professionals highlight that browser developers should consider the full ecosystem, assessing how interactions across apps and extensions might introduce vulnerabilities.
Read more »
Opera Browser
Cyber Attacks CyberCrime Cyberhackers Cybersecurity MyFlaw Bug Opera Browser

Opera Browser Users Beware: MyFlaw Bug Allows Hackers to Run Any File Remotely

 


There has been an unearthed critical security flaw in the Opera browser that has been of concern to Opera browser enthusiasts. As a result of the "MyFlaw Bug," hackers can remotely execute any file on users' computers, posing a serious threat. Opera users are advised to exercise caution when browsing due to the potential for widespread exploitation of this exploit. 

On both MacOS and Windows, cybersecurity experts are actively working on addressing this issue to mitigate the risk associated with unauthorized file execution on both platforms. Experts strongly recommend that immediate updates and heightened vigilance be undertaken to mitigate this risk. 

In a statement shared with Hacker News, Guardio Labs researchers have codenamed the remote code execution vulnerability MyFlaw because it takes advantage of the feature that lets mobile and desktop devices synchronize messages and files by using a feature called MyFlow. 

As the company explains in a statement they shared with the publication, the browser extension that they created bypasses the browser's sandbox and the entire browser process, effectively bypassing the entire browser process. In the aftermath of the responsible disclosure of the issue on November 17, 2023, the issue was addressed as part of the updates shipped on November 22, 2023, which are addressed both with the Opera browser and Opera GX.

My Flow, the feature on Opera's website, stands out because it allows you to seamlessly share your notes and files between your desktop and mobile devices through the browser. You can easily exchange files and messages by scanning a QR code with Opera's mobile app, and the chat-like interface it provides is reminiscent of a chat interface. 

There is a chat interface built into My Flow that allows you to exchange notes and files, the latter of which can be opened using a web interface, which means the file can be executed outside the browser's security parameters. Despite the convenience of this feature, it revealed that there are potentially high-security risks associated with it, which prompted us to conduct a further investigation.

During our vulnerability research, we identify high-risk vectors, such as those discussed above, and thoroughly examine the architecture, development, and security protocols involved in these vectors, seeking to identify any security gaps and logic errors that could be exploited. We did indeed find a significant vulnerability that was exploitable. 

To make the Guardio research team aware of the security issue, a remote code execution vulnerability known as MyFlaw has been found in Opera's 'My Flow' feature, which allows you to share notes and files seamlessly between desktops and mobile devices through the browser. 

The web-based My Flow chat interface, for example, has been updated so that any attached files can be executed directly from the browser by clicking on the 'OPEN' button. This has led to new potential attack vectors, which were concerned. Researchers have documented that the ability to execute local system files from a web context could pose a serious security risk, as it can have a variety of unintended consequences. The investigation that has been conducted has revealed that My Flow works in part as a result of an extension installed in your browser already that is known as the 'Opera Touch Background'. 

In addition to the capability of opening and downloading files to the local system, this extension has extensive permissions. There is a built-in browser extension named "Opera Touch Background" that is tasked with interacting between the desktop browser and the mobile version that comes pre-installed with this feature. This extension is for communicating between the desktop browser and the mobile version.

In addition, this means that the extension carries a manifest file that sets out all the permissions and behaviours that it needs to be able to perform, such as the externally_connectable property that identifies which websites and extensions can be connected to it.

Although the majority of Opera's production servers do not appear to have any known vulnerable assets at the moment, there is always the possibility that such issues may recur in the future due to human error or new updates of code that are vulnerable to exploiting XSS.

It has been documented by researchers that the ability to execute local system files from a web context could pose a significant security threat, due to the wide variety of unintended outcomes this could have. Based on the findings that have been obtained as a result of the investigation that has been conducted, there is little doubt that My Flow operates in part as a result of the installation of an extension known as the Opera Touch Background that is already installed on your browser. 

Besides being able to open and download files to your local system, this extension also has extensive permissions that are considerably more extensive than they are with other extensions. Opera Touch Background enables the desktop version of the browser to interact with the mobile version of the browser. 

It is a built-in browser extension that comes pre-installed with the mobile version of the browser enabling the interaction between the desktop and mobile versions. As the name suggests, this extension allows for communication between the mobile and desktop versions of the web browser. 

In addition, this means that the extension carries a manifest file that sets out all the permissions and behaviours that it needs to be able to perform, such as the externally_connectable property that identifies which websites and extensions can be connected to it. 

Although the majority of Opera's production servers do not appear to have any known vulnerable assets at the moment, there is always the possibility that such issues may recur in the future due to human error or new updates of code that are vulnerable to exploiting XSS.
Read more »
Subscribe to: Posts (Atom)