New Threat Alert: Storm Infostealer Bypasses Endpoint Security with Remote Decryption Technique

A Newly Identified Infostealer Bypasses Traditional Security Measures

A recently uncovered infostealer dubbed “Storm” has been found to evade conventional security systems by employing server-side decryption and session hijacking techniques.

Storm’s Capabilities

  • The Storm infostealer collects browser credentials, session cookies, and cryptocurrency wallet data.
  • It then transmits this information to attacker-controlled servers for decryption, reducing the visibility of malicious activity on infected devices.
  • It supports both Chromium- and Gecko-based browsers, extending its reach across platforms.
  • Collected data includes saved passwords, session cookies, autofill entries, account tokens, credit card information, and browsing history.

Methodology

The malware decrypts the stolen browser data on its own server rather than on the infected host. This sidesteps many of the host-side indicators that local decryption has produced since App-Bound Encryption arrived in Chrome 127, which makes detection more complicated.

“The use of server-side decryption and automated session restoration enables attackers to bypass multi-factor authentication and maintain persistent access, raising concerns about detection and response capabilities across enterprise environments.” — Security Researchers
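Moving decryption off the host does not remove every indicator: the stealer still has to open the browser's credential and cookie stores on the endpoint. The following is an added detection example (not code from the original alert or from the malware's authors); it parses constructed file-read events in a hypothetical `timestamp|host|image|target` format and flags any non-browser process reading Chromium or Gecko credential stores.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Credential and session stores a stealer must read on the host even when the
# decryption itself happens on the attacker's server. Standard Chromium
# ("User Data\<profile>\...") and Firefox ("Profiles\<profile>\...") locations.
STORE_PATTERNS = {
    "chromium_logins":  re.compile(r"User Data[\\/][^\\/]+[\\/]Login Data$", re.I),
    "chromium_cookies": re.compile(r"User Data[\\/][^\\/]+[\\/](Network[\\/])?Cookies$", re.I),
    "chromium_webdata": re.compile(r"User Data[\\/][^\\/]+[\\/]Web Data$", re.I),
    "gecko_cookies":    re.compile(r"Profiles[\\/][^\\/]+[\\/]cookies\.sqlite$", re.I),
    "gecko_logins":     re.compile(r"Profiles[\\/][^\\/]+[\\/]logins\.json$", re.I),
}

# Processes that legitimately open these files; anything else is a collection indicator.
BROWSER_PROCESSES = {"chrome.exe", "msedge.exe", "brave.exe", "firefox.exe"}

@dataclass(frozen=True)
class Finding:
    timestamp: str
    host: str
    process: str
    store: str
    path: str

def classify_event(line: str) -> Optional[Finding]:
    """Parse one 'ts|host|image|target' file-read event (constructed format) and
    return a Finding when a non-browser process reads a credential store."""
    parts = line.rstrip("\n").split("|", 3)
    if len(parts) != 4:
        return None  # malformed line: skip rather than crash the scan
    ts, host, image, target = parts
    process = re.split(r"[\\/]", image)[-1].lower()
    for store, pattern in STORE_PATTERNS.items():
        if pattern.search(target):
            if process in BROWSER_PROCESSES:
                return None  # a browser opening its own store is expected
            return Finding(ts, host, process, store, target)
    return None

def scan(lines: Iterable[str]) -> List[Finding]:
    return [f for f in (classify_event(l) for l in lines) if f is not None]

# Constructed sample events, not telemetry from any real incident.
SAMPLE_EVENTS = [
    "2024-05-02T10:14:03Z|WS01|C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe|C:\\Users\\alice\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data",
    "2024-05-02T10:15:11Z|WS01|C:\\Users\\alice\\AppData\\Local\\Temp\\updater.exe|C:\\Users\\alice\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data",
    "2024-05-02T10:15:12Z|WS01|C:\\Users\\alice\\AppData\\Local\\Temp\\updater.exe|C:\\Users\\alice\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Network\\Cookies",
    "2024-05-02T10:15:13Z|WS01|C:\\Users\\alice\\AppData\\Local\\Temp\\updater.exe|C:\\Users\\alice\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\x1.default\\cookies.sqlite",
    "2024-05-02T10:16:00Z|WS01|C:\\Windows\\explorer.exe|C:\\Users\\alice\\Documents\\notes.txt",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"{f.timestamp} {f.host} {f.process} read {f.store}: {f.path}")
```

Three stores touched by one unsigned process within seconds, as in the sample, is the cluster worth alerting on; pair it with the outbound transfer that follows, since the decryption step itself will never appear on the host.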

Targeting Strategy

Analysis of operational logs indicates activity spanning multiple countries, including India, the United States, Brazil, Indonesia, Ecuador, and Vietnam.

  • Credentials linked to major online services and cryptocurrency platforms were observed.
  • The tool is marketed on a subscription model, with pricing tiers ranging from short-term access to full team licenses supporting multiple operators and builds.

Conclusion

The emergence of Storm highlights gaps in detection and authentication safeguards: once a valid session cookie is restored on the attacker's side, the password and multi-factor steps are never exercised.

“This sophisticated malware enables attackers to gain unauthorized access to user accounts without needing passwords, highlighting concerns regarding detection and authentication safeguards in digital systems.”
