Skip to content
The Nexus
SECURITYJun 26 · 12:44 UTCMALWAREBYTES LABS

Malware steals Chrome session cookies to take over your accounts

A phishing email with a malicious JavaScript file disguised as a PDF installs a Chrome extension that steals session cookies and uses Chrome Native Messaging to execute PowerShell commands. The malware bypasses multi-factor authentication by hijacking active browser sessions and collects data like open tabs and system files.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this
Related Signal

Adjacent reporting