Dossier
Chrome Native Messaging
Coverage of Chrome Native Messaging in the Nexus archive.
- Malware steals Chrome session cookies to take over your accounts
A phishing email with a malicious JavaScript file disguised as a PDF installs a Chrome extension that steals session cookies and uses Chrome Native Messaging to execute PowerShell commands. The malware bypasses multi-factor authentication by hijacking active browser sessions and collects data like open tabs and system files.