Chrome's App-Bound Encryption Feature Bypassed By Infostealer Malware
Infostealer malware developers have updated their tools and claim they can bypass Google Chrome's App-Bound Encryption, which protects sensitive data like cookies. Introduced in Chrome 127, this feature encrypts cookies and passwords using a system-level Windows service, preventing malware running under user permissions from accessing these secrets. To circumvent this, malware would need system privileges or code injection, both of which could trigger security alerts, according to Chrome's Will Harris. However, researchers g0njxa and RussianPanda9xx report that the developers of several infostealers, including MeduzaStealer, Whitesnake, and Vidar Stealer, claim to have a working bypass in their tools.