Cyberstalkers are increasingly exploiting a feature in Google Chrome meant for mobile phone user convenience, but can give intruders broad access to a device owner’s private information, according to researchers.Certo Software said in a blog post Tuesday that stalkers are making use of Chrome’s sync capability — meant to make it so signing into Chrome on one device makes it easier to do so on other devices, too — to spy on a phone owner’s browsing history and gain access to their stored passwords.As an illustration, Certo used the case of a pseudonymous victim, Emma, who had searched for a family lawyer and visited a domestic violence support website while her partner was sleeping, only for him to bring up to her two days later.“Emma had been careful to only ever use her own device, and she hadn’t noticed any new apps appear on her phone,” wrote Certo co-founder Russell Kent-Payne. “What she didn’t know was that weeks earlier, during a few unattended minutes with her phone, he had opened the Chrome app and quietly signed it into a Google account of his own. From that moment on, every site she visited was being copied straight to his account, viewable from any device, anywhere in the world.”The surveillance is as easy as that: brief access to a phone, signing into a Google account and making sure sync is turned on for that account.Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, said on the Bluesky social media app that Certo’s research serves as “an important reminder that tech-enabled abuse isn’t just limited to stalkerware.”Certo said that Google could do a couple things, such as providing a temporary notification whenever a new account is added or sync is turned on or offering a regular marker to indicate when sync is active and which account it’s syncing to, to protect users.Google did not respond to multiple requests for comment about Certo’s findings.But the uptick in usage of that stalking method could be a byproduct of security successes elsewhere in the fight against spyware, Certo said.“Modern smartphones are harder to compromise than ever. Regular security updates, stricter app store rules, and on-device threat detection have made traditional spyware a much riskier bet for a cyberstalker than it used to be,” Kent-Payne wrote. “As a result, we’re increasingly seeing abusers turn to something far simpler: the legitimate apps already sitting on their victim’s phone. No installation, no suspicious permissions, no telltale battery drain — just a quiet misuse of a feature the victim never knew existed.”At the same time, Chrome is the world’s most popular browser, and this isn’t the first time security concerns have popped up about its sync feature, among other worries.The post Security researchers find stalkers abusing Chrome’s sync feature appeared first on CyberScoop.