VoidStealer and Infostealers Bypass Chrome's App-Bound Encryption

VoidStealer and Infostealers Bypass Chrome's App-Bound Encryption

First seen 7 May 2026, 11:13 UTC KasperskyDarkreadingwww.bleepingcomputer.comwww.techtarget.comCybersecuritynews+5 88% similarity 71.0

Article Content

Browse articles
ThreatCluster

Malware developers have successfully bypassed Google's App-Bound Encryption (ABE) in Chrome, allowing infostealers like VoidStealer to access sensitive data such as session cookies and credentials. This new method exploits vulnerabilities in the ABE mechanism, which was designed to protect stored data from unauthorized access by requiring system-level privileges. Researchers have confirmed that multiple infostealers, including MeduzaStealer and Lumma Stealer, have implemented effective bypass techniques. The public release of a tool by researcher Alexander Hagenah further increases the risk for users storing sensitive information in Chrome. Google acknowledges the ongoing 'cat and mouse' game with malware developers and continues to enhance its defenses against these evolving threats. Users are advised to be cautious about storing sensitive data in browsers until more robust protections are established.

Key Points: • VoidStealer and other infostealers have bypassed Chrome's App-Bound Encryption. • A public tool for bypassing ABE has been released, increasing risks for users. • Google acknowledges ongoing challenges in securing Chrome against infostealer attacks.

ThreatCluster AI

Timeline

2024-07-01
Chrome introduces App-Bound Encryption
Google implemented ABE in Chrome 127 to protect session cookies and sensitive data from infostealers.
Kaspersky
2026-05-06
VoidStealer bypass method discovered
Researchers found a new technique used by VoidStealer to circumvent Chrome's ABE, compromising user data.
Kaspersky
2026-05-07
Tool for ABE bypass released
Researcher Alexander Hagenah released a tool to bypass Chrome's ABE, increasing risks for users storing sensitive data.
BleepingComputer
2026-05-07
Multiple infostealers claim ABE bypass
Developers of infostealers like MeduzaStealer and Lumma Stealer confirmed their tools can bypass Chrome's ABE, allowing data theft.
BleepingComputer

Community

Browse all →