Catalin Cimpanu on Nostr: Ok, so this is very clever. Some infostealer devs are forcing browsers to enter in ...
Ok, so this is very clever.
Some infostealer devs are forcing browsers to enter in Kiosk Mode and forcing users to enter credentials on legitimate sites.
Once entered, they are stored in Chrome's password manager, from where it can be easily extracted
https://research.openanalysis.net/credflusher/kiosk/stealer/stealc/amadey/autoit/2024/09/11/cred-flusher.html
Some infostealer devs are forcing browsers to enter in Kiosk Mode and forcing users to enter credentials on legitimate sites.
Once entered, they are stored in Chrome's password manager, from where it can be easily extracted
https://research.openanalysis.net/credflusher/kiosk/stealer/stealc/amadey/autoit/2024/09/11/cred-flusher.html