A new type of malware is targeting the Chrome browser and stealing your encryption keys without you knowing it.
A new threat has raised concerns in the cybersecurity field. It is malware designed to directly attack the Google Chrome browser using sophisticated technology capable of extracting encryption keys from system memory.
Cybersecurity firm Gen Digital has identified this threat as VoidStealer version 2.0, a worrying escalation due to its ability to bypass one of the browser's main security measures, known as Application-Bound Encryption (ABE).
This malware is highly sophisticated in its operation. Instead of using traditional methods like code injection, it relies on an unusual technique that allows it to operate stealthily. Specifically, it starts a hidden Chrome browser process in a suspended state, attaches to it as a debugger, and waits for essential system components to load.
The critical moment of the attack occurs during browser startup, when some of the encrypted data is temporarily decrypted in memory. VoidStealer exploits this moment to capture the master key directly as plain text.
Because it does not cause any visible change to the system, this method is difficult to detect, both for traditional antivirus programs and for more sophisticated security solutions.
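A defender-side sketch of the launch pattern described above, added here as an example and not taken from Gen Digital's research: it scans process-creation telemetry for a Chrome process started suspended or under a debugger by a parent that is not expected to do so. The event field names, the sample events, the `updater.exe` path and the parent allowlist are constructed assumptions.

```python
import json
import ntpath

# Documented Windows CreateProcess creation flags.
DEBUG_PROCESS = 0x00000001
DEBUG_ONLY_THIS_PROCESS = 0x00000002
CREATE_SUSPENDED = 0x00000004
START_STATE_FLAGS = DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS | CREATE_SUSPENDED

BROWSER_IMAGES = {"chrome.exe"}
# Assumption: parents allowed to start the browser in this state here
# (the browser launching its own child processes, a developer's debugger).
EXPECTED_PARENTS = {"chrome.exe", "windbg.exe"}

# Constructed sample telemetry; the field names are hypothetical, not a real sensor schema.
SAMPLE_EVENTS = r"""
{"pid": 4120, "image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "parent_image": "C:\\Windows\\explorer.exe", "creation_flags": 0, "window_visible": true}
{"pid": 4388, "image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "parent_image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "creation_flags": 4, "window_visible": false}
{"pid": 7788, "image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "parent_image": "C:\\Users\\Public\\updater.exe", "creation_flags": 4, "window_visible": false}
{"pid": 9012, "image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "parent_image": "C:\\Tools\\windbg.exe", "creation_flags": 1, "window_visible": true}
"""

def suspicious_browser_launches(lines):
    """Return one alert per browser process started suspended or debugged by an unexpected parent."""
    alerts = []
    for line in lines.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        image = ntpath.basename(ev["image"]).lower()
        parent = ntpath.basename(ev["parent_image"]).lower()
        flags = ev["creation_flags"]
        if image not in BROWSER_IMAGES or parent in EXPECTED_PARENTS:
            continue
        if not flags & START_STATE_FLAGS:
            continue  # ordinary launch, e.g. a user starting the browser
        reasons = []
        if flags & CREATE_SUSPENDED:
            reasons.append("created suspended")
        if flags & (DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS):
            reasons.append("created under a debugger")
        if not ev.get("window_visible", True):
            reasons.append("no visible window")
        alerts.append({"pid": ev["pid"], "parent": parent, "reasons": reasons})
    return alerts

if __name__ == "__main__":
    for alert in suspicious_browser_launches(SAMPLE_EVENTS):
        print(alert)
```
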
The researchers point out that although similar concepts have been studied in academia, this is the first time that a practical application of this method has been observed in real attacks.
Currently, Google has not issued an official response regarding this specific security vulnerability, which is increasing concern within the technology community.