1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Google Chrome rolls out a new tool to try and stop infostealer ma

    From TechnologyDaily@1337:1/100 to All on Fri Apr 10 16:00:33 2026
    Google Chrome rolls out a new tool to try and stop infostealer malware in its tracks

    Date:
    Fri, 10 Apr 2026 14:45:00 +0000

    Description:
    New Device Bound Session Credentials feature for Google Chrome is also coming to macOS soon.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter Google adds Device Bound Session Credentials to Chrome DBSC ties session cookies to hardware keys, blocking theft Feature live on Windows, macOS rollout coming soon Google has rolled out a new Chrome browser feature which should make stealing session cookies for use in infostealer malware attacks a thing of the past.

    Chrome 146 for Windows has introduced a new security feature called Device Bound Session Credentials (DBSC), which works by cryptographically binding authentication sessions to the physical device used to authenticate. It does so through hardware-backed security modules (such as the Trusted Platform Module on Windows) to generate a unique public/private key pair that cannot
    be exported from the machine. Article continues below You may like A new malware service promises to skip Google's review process and get your malware straight onto the Chrome Store New $900-per-month malware service enables widespread account hijacking Why stolen credentials continue to work even where MFA is in place Why are cookies important? The issuance of new short-lived session cookies is contingent upon Chrome proving possession of the corresponding private key to the server, Google explained in its announcement. Because attackers cannot steal this key, any exfiltrated
    cookies quickly expire and become useless to those attackers.

    Google says the new feature will allow websites to upgrade to secure sessions by adding dedicated registration and refresh endpoints to their backend,
    while maintaining compatibility with the existing front-end.

    Chrome will handle cryptography and cookie rotation, while the web app will continue using standard cookies for access, just as before. Right now, the search engine giant only released an upgrade for Windows, with the macOS variant rolling out in the coming weeks.

    An early version of this protocol was rolled out in 2025, Google said, noting that for sessions protected by DBSC, it observed a significant reduction in session theft. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners
    or sponsors By submitting your information you agree to the Terms &
    Conditions and Privacy Policy and are aged 16 or over.

    Ever since multi-factor authentication ( MFA ) became industry standard, browser session cookies have gotten extremely valuable. Since these cookies are generated post authentication, cybercriminals can effectively bypass this important authentication step and gain access to target accounts.

    Hackers usually steal these cookies by using infostealing malware, trick ingtheir targets into downloading Lumma, Vidar, StealC, AMOS, or any other variant, capable of grabbing not only session cookies, but also stored passwords, cryptocurrency wallet data, contents of the clipboard, and more. The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/google-chrome-rolls-out-a-new-tool-to-t ry-and-stop-infostealer-malware-in-its-tracks


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)