Lumma Stealer Outsmarts Chrome, Your Cookies Are Back on the Menu

The malware Lumma Stealer just got an update, bypassing Google Chrome's latest cookie protections and making your data even more vulnerable.

By Marco Rizal - Editor, Journalist

  • Lumma Stealer is malware that now bypasses Google's app-bound encryption.
  • This update makes it easier for Lumma to steal sensitive data from Chrome users.
  • Prices for the updated malware have increased to $500 per month.

Lumma Stealer, a well-known information-stealing malware, has just released an update that bypasses Google Chrome’s latest app-bound cookie encryption.

For those keeping track, Google recently added this encryption to improve cookie security on Windows systems.

However, Lumma Stealer’s developers have already announced that they have defeated this defense, much to the chagrin of Chrome users and cybersecurity experts alike.

Vidar Stealer announces workaround to Chrome fix (Credit: @g0nxja)

Lumma is being sold as Malware-as-a-Service (MaaS) on underground forums, particularly in Russian-speaking communities.

In other words, anyone willing to pay can gain access to this malware.

Lumma Stealer is not the only one in the game. Other popular malware, such as Vidar and StealC, are also attempting to bypass Chrome’s new cookie encryption.

Vidar’s developers have talked about using a TPM (Trusted Platform Module) for encryption, which is a chip on your computer’s motherboard designed for security purposes.

Meanwhile, Lumma goes a step further by ensuring that its new features are not detected by Windows Defender.

First discovered by X user @g0nxja, Lumma Stealer’s developers issued a full statement outlining the new features in this update.

Update post by Lumma Stealer via Telegram (Credit: @g0nxja)

The most concerning change is the app-bound cookie encryption bypass, which specifically targets the most recent versions of Google Chrome.

They’ve made it clear that users must update to the most recent build to begin collecting new cookies.

In addition, they say they have “cleaned up” the malware's detection by Windows Defender, attempting to bypass security measures on Windows 10 and 11 systems.

This update comes with a price increase. Lumma Stealer now costs $500 per month (previously ~$250), which the developers claim remains the “lowest price for extensive functionality.”

As if that’s any better. They even claimed that in their test mode, they had successfully learned how to decrypt cookies and adapt to avoid detection by Windows Defender.

If you use Google Chrome, this is a major issue. Cookies contain important information such as login credentials and session data.

With the latest Lumma Stealer update, cybercriminals can now bypass Chrome’s latest security measures to steal this information.

Once stolen, your sensitive information could be used for everything from identity theft to unauthorized account access.
