Google Chrome has added app-bound encryption for better cookie protection on Windows systems and improved defenses against information-stealing malware attacks. This new technology uses a Windows service running under ‘SYSTEM’ privileges to confirm an app’s identity when it requests encryption, ensuring that only the intended app can decrypt the data.
Chrome currently uses the operating system’s techniques to safeguard sensitive data like cookies and passwords. However, this does not protect against malicious tools or scripts designed to execute code as the logged-in user, which infostealer malware exploits. The new protection improves on the existing Data Protection API (DPAPI) by providing app-bound encryption primitives.
The service encodes the app’s identity into the encrypted data, making it difficult for attackers to steal data. This improved protection capability will be expanded to passwords, payment data, and other persistent authentication tokens. It also adds to Google’s recent initiatives to protect user data, such as Chrome’s download protection using Safe Browsing, Device Bound Session Credentials, and account-based threat detection to flag the use of stolen cookies.
Source: https://www.bleepingcomputer.com/news/security/google-chrome-adds-app-bound-encryption-to-block-infostealer-malware/