Glove Stealer bypasses Chrome's App-Bound Encryption to steal cookies
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
Researchers have discovered a new .NET-based information stealer called Glove Stealer that targets browser extensions and local software to steal sensitive data such as cookies, passwords, and cryptocurrency wallets. It uses a novel technique to bypass Chrome's App-Bound Encryption by exploiting the IElevator service. The malware is distributed through phishing campaigns and requires administrative privileges to place its module in Chrome's Program Files directory. Once executed, it contacts a command-and-control server to exfiltrate the harvested data.
OPENCTI LABELS:
phishing, malware, information stealer, chrome, encryption bypass, glove stealer