K
K
kudma2021-11-24 10:18:00
Browsers
kudma, 2021-11-24 10:18:00

Chrome. Is it possible to get a virus through viewing a letter?

Is it possible for a virus to be active after simply opening an email in Chrome that definitely contained malware? Why do I know exactly what it was in the letter: it was opened in Thunderbird and as a result the protection worked and turned off the grid on the PC. The main urge to find out for sure the essence, I wanted to check the essence of the letter simply by opening it in the Chrome web interface (if SSL matters on the web) without clicking on any links in the body of the letter, to which I was told not to do this, because to. there are different types of viruses that can fly in through the web interface just when viewing a letter (permission to display anything on this domain was not given).

Answer the question

In order to leave comments, you need to log in

3 answer(s)
A
Alexander, 2021-11-24
@Aleksandr-JS-Developer

Finally, the user did not click on links, download files, but asked a question on a specialized forum.
There is a chance of launching a virus on your machine, but it is very small. More likely an XSS exploit (executing arbitrary JS in your browser does not affect the machine)
Left-handed emails in the browser can be dangerous as follows:
XSS exploits (included in OWASP TOP 10 vulnerabilities, at 3 positions, in A03:2021-Injection):
- inside mailer:
if the input/output data is not filtered (or not filtered enough), then it is possible (in the worst case) that arbitrary JavaScript code is executed in your browser.
Usually they steal cookies to steal the session (authorization to your account without a password).
- links to other vulnerable sites:
everything is the same, only on other sites
. Phishing:
- you will be provoked to click on a link to a fake site where you can leave personal data.
Malware as email attachments :
executable files, Word files with malicious macros, 100500 more.
Chrome (other browser) vulnerabilities 0day :
There is a tiny chance that there is an unknown vulnerability in Chrome.
There could be anything.
But all scenarios where all you need to do is open an email is very unlikely.
For prevention, you can:

  • update browser/s
  • use a popular mailer (Gmail, for example)
  • do not click on the left links (if you really need it, bring the link here and ask)
  • if you poke, check the address.
  • do not download unknown files and, moreover, do not run them

R
Ronald McDonald, 2021-11-24
@Zoominger

No impossible.

S
Sergey Klimov, 2021-12-10
@Cember

If nothing is clicked, then the virus is unlikely to penetrate. Well, antivirus should also see it through web monitoring.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question