Hackers Bypass Google Chrome’s Infostealer Malware Block

No one, especially a business owner, wants hackers to access their most precious data. Google aimed to help with Chrome 127, a July 2024 update to its web browser that included an infostealer malware block. Available to all 3.5 billion web browser users, the improved tool aimed to stop hackers from accessing sensitive data stored in web app cookies.

Unfortunately, hackers have already found a dangerous workaround that allows them to continue spreading their malicious programs. In short, they didn’t take long to render the security upgrade ineffective.

Stopping Credential Theft and Bolstering Security

The Chrome 127 release included a tool to stop hackers from using two-factor authentication (2FA) circumvention to steal credentials. Before the upgrade, cybercriminals looking for a way around 2FA could access cookies and collect whatever data they wanted. With the new infostealer malware block, web apps and websites would encrypt the information on the site or app so that only that device could decrypt it.

It didn’t take long for some of the most notorious infostealers, including Whitesnake, Meduza, and Lumma, to find and exploit issues within that code and make their findings available to other criminals.

The infostealer workaround allows cybercriminals to collect cookies on Chrome without detection. The browser encryption bypass doesn’t require administrator privileges or a computer restart, making it easier for hackers to decrypt data without being detected. Independent researchers confirmed that the bypass could be successful and create conditions for a data breach. 

Don’t Rely on the Malware Block To Stop Theft

Cybercriminals use infostealer malware to steal information stored on your devices, including mobile devices, computers, and servers. The malware typically targets cookies, which programs create every time you log in. Cookies save information that lets you keep working within the program or network without logging in again.

When thieves collect those cookies and decrypt the information they contain, they use those details to access additional data, including intellectual property, financial records, customer information, and more.

Social engineering tactics, like phishing, are hackers’ favorite methods for delivering malware. The malware automatically installs itself when a recipient falls for the trick and opens the infected email or site. It then copies sensitive information, performs data exfiltration, and creates a file for the hacker to sell. 

Protecting against malware attack vectors rests on a multi-layered strategy. The foundation of that strategy is promptly installing software updates and security patches. Setting up strong password rules, using reliable antivirus and anti-malware protection, and monitoring for compromised credentials can also thwart hackers.

Google has yet to release a fix for the infostealer malware block failure. In the meantime, the recent Chrome 129 update includes fixes for other cybersecurity vulnerabilities, and security experts recommend installing that version (if it’s available) to avoid additional security issues. Restart your browser after installation to ensure the security patches are in place.

Used with permission from Article Aggregator
