Risky Bulletin Newsletter
September 23, 2024
Risky Biz News: Stealer devs bypass Chrome's new cookie protection
Presented by

News Editor
The developers of several of today's top infostealers have found several ways to bypass Chrome's new App-Bound Encryption security feature.
Infostealers such as Lumar, Lumma, Meduza, Vidar, and WhiteSnake have told their "customers" they can now bypass the feature and retrieve authentication cookies that were recently coming back encrypted.
Added in Chrome v127, released in mid-July, the App-Bound Encryption feature works by encrypting data related to the Chrome browser process. This data can be decrypted only from an admin-level account.