Wed Sep 25 08:11:15 UTC 2024: ## Malware Hackers Claim to Bypass Chrome’s New Encryption Feature

**Google’s recent security update for Chrome 127, aimed at protecting user data from infostealer malware, has seemingly been compromised.**

The update introduced “application-bound encryption,” which encrypts browser cookies tied to specific applications, making it harder for hackers to steal sensitive data and bypass two-factor authentication. However, malware developers claim to have found a way to circumvent this security measure within minutes.

Bleeping Computer and Risky Business have reported that developers of popular infostealer malware tools, including Lumma, Vidar, and Rhadamanthys, have released updated versions of their malware boasting the ability to bypass Chrome’s new encryption.

The developers claim that the updated malware can effectively “crack” the cookie encryption, allowing them to steal browser cookies and gain unauthorized access to user accounts.

**Google has acknowledged the situation and confirmed that some malware, such as Lumma Stealer and Vidar, can indeed bypass the cookie encryption feature.** While the company expects this new defense to shift attacker behavior toward other techniques, they are actively working with operating system and antivirus vendors to combat these emerging threats.

**This news raises concerns about the effectiveness of Google’s security measures and the ongoing battle against malware.** Users are advised to remain vigilant and employ additional security practices like strong passwords and multi-factor authentication to protect their online accounts.

Read More