Malware, Security Operations

Storm infostealer bypasses Chrome encryption, targets crypto wallets

As reported by HackRead, a new threat known as Storm infostealer has emerged, capable of bypassing Google Chrome's encryption to steal sensitive user data, including cryptocurrency wallet information and private account credentials.

Discovered by Varonis Threat Labs, Storm infostealer operates as a malicious subscription service, targeting multiple browsers like Chrome, Edge, Firefox, and Waterfox. It employs server-side decryption to exfiltrate browser credentials and session cookies without leaving detectable telemetry, thus evading antivirus software. This technique directly counters Google's App-Bound Encryption introduced in Chrome 127.

The service is sold to criminal teams, with prices starting at $300 for a seven-day demo. Storm infostealer can hijack active sessions, rendering multi-factor authentication ineffective. Logs indicate victims in India, Brazil, the United States, and the United Kingdom. It also targets messaging apps like Telegram and Discord, and crypto exchanges such as Binance and Coinbase, even capturing screenshots.

Source: HackRead

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds