Infostealer malware bypasses new Chrome browser protection

Google's Chrome browser, known for its robust security features, is facing new threats from Infostealer malware developers. These attackers claim to have found ways to bypass Chrome's new security feature, App-Bound Encryption, introduced in version 127. This feature is designed to protect sensitive user data, such as cookies and passwords, by using a Windows service with system privileges.

Here's What We Know

Malware developers such as MeduzaStealer, WhiteSnake, Lumma Stealer and Vidar Stealer claim that their programmes can steal cookies and other data from Chrome without requiring system access. Security researchers have confirmed that some of these claims are true. For example, Lumma Stealer and WhiteSnake can bypass encryption in the latest version of Chrome 129.

The attackers' new methods allow the malware to manipulate Chrome's security without triggering system alerts, making it more dangerous. Despite Google's efforts to protect user data, malware developers are quickly adapting, posing a serious threat to Chrome users.

Source: Bleeping Computer