Mikkel Christensen
A newly discovered malware strain is raising serious concerns after showing it can bypass modern browser protections and steal sensitive user data.
A newly discovered malware strain is raising serious concerns after showing it can bypass modern browser protections and steal sensitive user data.
Known as “Storm,” the tool represents a more advanced generation of infostealers.
According to BGR, citing cybersecurity firm Varonis, the malware can collect passwords, session cookies, crypto wallets and even authentication tokens from infected devices.
New attack method
Traditional infostealers typically decrypt stolen data directly on a victim’s device, making them easier for security tools to detect.
Storm takes a different approach by collecting encrypted data and sending it to attacker-controlled servers, where it is decrypted remotely.
Evolving techniques
This shift follows Google’s introduction of App-Bound Encryption in Chrome, which made local decryption more difficult for attackers.
Varonis explained that Storm bypasses this by avoiding local decryption entirely, allowing attackers to reconstruct hijacked sessions outside the infected system.
Wide data access
The malware can extract a broad range of information, including saved passwords, browsing histories and credit card details.
It can also capture Google account tokens and session data, enabling attackers to bypass two-factor authentication protections.
Hard to detect
Because most of the activity happens off-device, many endpoint security tools struggle to identify the threat.
BGR reported that Storm supports multiple browsers, including Chromium-based platforms and Firefox, increasing its potential reach.
Growing threat
Varonis said the malware is available for less than $1,000 per month, making it accessible to a wide range of attackers.
Experts advise users to clear cookies regularly, avoid suspicious downloads, and review browser permissions to reduce the risk of compromise.
Sources: BGR, Varonis
