Google Chrome adds protection against malware by binding encryption to applications

2 August 2024 2 minutes Author: Newsman

Google has announced the introduction of a new protection technology in the Chrome browser that will prevent the theft of cookies by malicious software on Windows systems.

The new function of binding encryption to applications increases the level of protection of cookies and makes it more difficult for attackers who want to steal data. It also reduces the possibility of unauthorized access to protected data and increases the security of Chrome users.

The new function of binding encryption to applications (App-bound encryption) integrates the identity of the application (in this case Chrome) into the encrypted data, which prevents access to it by other applications when trying to decrypt it. This makes the malware not only run malicious apps, but also gain system privileges or inject code into Chrome, which is a much more difficult task. This feature only applies to cookies for now, but it is planned to be extended to passwords, payment details and other authentication tokens in the future.

Previously, Chrome used the Data Protection API (DPAPI) to protect data at rest from other system users and cold boot attacks. However, DPAPI does not protect against malicious applications that can execute code on behalf of a registered user, allowing information thieves to gain access to cookies.

Google also announced that it has no plans to drop support for third-party cookies in Chrome, which drew criticism from the World Wide Web Consortium (W3C), which emphasized the need to drop such cookies to ensure user privacy.

Other related articles
News
Read more
The US released famous Russian hackers during a prisoner exchange
The US has released notorious Russian hackers Roman Seleznev and Vladyslav Klyushin in a historic prisoner swap involving several countries. The prisoner exchange underscores the importance of international cooperation in security and human rights issues. Seleznyov and Klyushin were convicted of major cybercrimes in the United States.
301
News
Read more
The attackers’ attack resulted in the shutdown of 300 Indian banks
The Reserve Bank of India has isolated more than 300 small banks due to a hacker attack on C-Edge Technologies that caused payment systems to go down. Affected banks make up only 0.5% of the volume of the Indian payment system. NPCI is conducting an audit to prevent the attack from spreading. Indian banks have been warned about possible cyber attacks.
281
News
Read more
BangBros data leak
Your personal information may be at risk due to data leaks on adult sites like BangBros. Use a VPN, create separate email addresses for such sites, and be wary of phishing to reduce the risk of blackmail and loss of privacy.
315
Found an error?
If you find an error, take a screenshot and send it to the bot.