Authors of the VoidStealer Trojan uncovered a way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.

DR (DZone Research) offers insights into software development trends, industry surveys, and technology adoption patterns, providing reports, whitepapers, and analyst insights to help businesses make informed decisions and stay competitive in the ever-evolving tech landscape. By exploring DR's curated content, developers can gain insights into emerging technologies, developer preferences, and industry best practices for building innovative and market-leading software solutions. Whether you're a startup founder, product manager, or tech executive, DR offers resources to guide your strategic planning and drive business success.

Dark Reading

Authors of the VoidStealer Trojan have found a new method to bypass Google Chrome's App-Bound Encryption (ABE), a security feature introduced in July 2024 to protect session cookies and credentials from infostealers on Windows. Unlike previous bypasses that required privilege escalation or code injection, VoidStealer attaches to Chrome as a debugger, pauses execution at the exact moment Chrome decrypts data and exposes the master key in plaintext memory, then extracts the key directly. This is the latest in a series of successful ABE bypasses by various infostealer families including Meduza Stealer, Lumma Stealer, and others, highlighting that browsers remain a high-value target as enterprises store increasing amounts of sensitive data in web applications.

Yet Another Way to Bypass Google Chrome's Encryption Protection