A PDF on Chrome can steal your data

A new virus affects users who open PDF documents with Google's browser. Here's how it acts and what to do to protect yourself

A PDF document could do serious damage to your computer, especially if the file is opened via the Google Chrome browser. The vulnerability, discovered by cybersecurity firm EdgeSpot, would be exploited by hackers to steal data from mobile and fixed devices.

Beware though: the threat only emerges if the file is viewed via the browser, while PDF documents opened with Adobe Reader are completely safe. The bug exploits the network to send a variety of sensitive information to two malicious domains, which have already been identified by the Mountain View company. Among the data stolen by the malicious PDF there would also be the IP address of the victim. Unfortunately, the threat is impossible to block because antivirus software normally installed on computers is not able to recognize it. As a result, many users do not know that they have been attacked.

How malicious PDF files work on Chrome

The threat is one of the so-called zero-day vulnerabilities, a type of vulnerability marked by features that are not well known to the company that produced the computer system. In fact, currently Google has not yet fully understood the cause of the problem and is testing different solutions to solve it. At the same time, the dynamics of action are well known: everything starts when a user opens a malicious PDF file via the Chrome viewer. At this point, the virus would exploit the browser to activate itself and steal data on the computer. The forged file would immediately send a bunch of sensitive information to one of two malicious domains, readnotify.com and burpcollaborator.net. Among the stolen data stand out the IP address of the unfortunate person, but also the path of the PDF in the computer and the version of Chrome used to open the document.

The company has already taken action to fix the problem and make life difficult for these addresses.

Google's solution arrives

The vulnerability was reported to Google on December 26, 2018. On February 14, the company assured that by spring the problem would be fixed. In fact, Chrome's update to version 74 is expected to be released on April 23, which will also include a pacth for eliminating bugs related to malicious PDF files. In the meantime, Google wanted to inform its users about the danger. The company urges people not to open PDF files via Chrome's viewer, at least until the new version of the browser is released.