Oddbean new post about | logout
 New Glove infostealer malware bypasses Chrome’s cookie encryption

A newly identified information stealer can bypass the App-Bound Encryption mechanism in Chromium-based browsers, cybersecurity software provider Gen Digital reports.

Written in .NET and dubbed Glove Stealer, the malware targets multiple browsers and extensions to exfiltrate sensitive information such as cookies and credentials, along with data from cryptocurrency wallets, authenticators, password managers, email clients, and other applications.

What makes Glove Stealer stand out from the crowd, however, is its ability to bypass Application-Bound (App-Bound) Encryption, the cookie protection mechanism that was introduced in Chrome 127 to prevent their theft.

See more:
Bleeping Computer https://www.bleepingcomputer.com/news/security/new-glove-infostealer-malware-bypasses-google-chromes-cookie-encryption/

Security Week: https://www.securityweek.com/glove-stealer-malware-bypasses-chromes-app-bound-encryption/

#cybersecurity #malware