www.bleepingcomputer.com
VoidStealer and Infostealers Bypass Chrome's App-Bound Encryption
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Malware developers have successfully bypassed Google's App-Bound Encryption (ABE) in Chrome, allowing infostealers like VoidStealer to access sensitive data such as session cookies and credentials. This new method exploits vulnerabilities in the ABE mechanism, which was designed to protect stored data from unauthorized access by requiring system-level privileges. Researchers have confirmed that multiple infostealers, including MeduzaStealer and Lumma Stealer, have implemented effective bypass techniques. The public release of a tool by researcher Alexander Hagenah further increases the risk for users storing sensitive information in Chrome. Google acknowledges the ongoing 'cat and mouse' game with malware developers and continues to enhance its defenses against these evolving threats. Users are advised to be cautious about storing sensitive data in browsers until more robust protections are established.
Key Points: • VoidStealer and other infostealers have bypassed Chrome's App-Bound Encryption. • A public tool for bypassing ABE has been released, increasing risks for users. • Google acknowledges ongoing challenges in securing Chrome against infostealer attacks.