Google Chrome is an open source web browser, which means that anyone can modify it because the code is public. This lets developers improve its features and fix bugs; however, it also lets cybercriminals look for flaws in the software's code. According to statistics, Google Chrome has seen a significant increase in vulnerabilities recently, which means an increased risk of cybercriminals exploiting those flaws to infect computers with malware.
Since many of Google Chrome's additional features come from externally developed extensions and plugins, it is difficult for experts to ensure security against every threat. Trojan developers exploit this fact, continuously attempting to develop new threats.
Security researchers at BitDefender have discovered a new plugin designed to bypass the CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) security feature in Google Chrome. The plugin, called CaptchaStealer, is being distributed through the domain name captchastealth.com, currently hosted on a server in Germany. The domain is registered by a Russian national, and BitDefender has shared this information with law enforcement officials and Google.
Once users download the CaptchaStealer plugin, it injects itself into Google Chrome's memory and then removes all references to itself from the registry, making its presence on the computer difficult to detect. BitDefender has also provided a video showing how the plugin displays the CAPTCHA as normal and then sends it back to its server. In order to overcome this threat, Google should safeguard itself against hackers modifying its open source code.
The CaptchaStealer plugin was created by the same developer who earlier built another plugin, called NoCaptcha, which displayed Google's reCAPTCHA service. The domain name used to host NoCaptcha was also registered in Russia, and it is currently hosted on a server in Germany.
Google uses CAPTCHA to prevent spam messages from reaching its users via email. Websites use CAPTCHA to stop automated programs, called bots, from performing certain actions, such as registering with a website, posting comments, or signing up for newsletters. The CaptchaStealer plugin currently abuses Google's reCAPTCHA service, which uses text verification or images to confirm that the user is not a spammer.
According to BitDefender, CaptchaStealer sends every text verification phrase it receives back to its server, which allows cybercriminals to collect this information and use it to send spam. It can also steal personal data submitted on websites that rely on reCAPTCHA. So far there is no evidence that the CaptchaStealer plugin has been used by hackers to steal confidential data or send spam, but the possibility is strong.
Google Chrome users are advised to update their web browser as soon as possible in order to protect themselves against this vulnerability. The version of Google Chrome installed on Windows Vista and XP computers needs to be updated manually; users on Windows 7, however, can update Google Chrome automatically through the browser.