Glove Stealer Emerges A New Malware Threat For Browsers

Latest Hacking News

Security researchers have uncovered a new malware strain actively targeting web browsers in the wild. Known as Glove, this malware is designed to steal valuable information stored within browsers.

Glove Stealer Malware Targets Web Browsers

A detailed technical analysis conducted by security researcher Jan Rubín has shed light on a newly discovered malware strain named “Glove.” This malicious software primarily functions as an information stealer, focusing on extracting sensitive data from web browsers.

The attack typically begins with the deployment of phishing tactics to lure users into downloading the malware. The attackers utilize techniques similar to ClickFix attacks, which involve displaying fake error messages within HTML files embedded in phishing emails.

Once a user falls victim to the phishing lure and downloads the malicious attachment, they are presented with a fake error prompt and instructions on how to resolve the issue. Users who follow these instructions unknowingly install the malware. Once executed on the target device, the Glove stealer connects to the attacker’s command and control server to initiate data exfiltration from web browsers.

The Glove malware primarily targets browsers based on the Chromium engine but is also capable of stealing data from other browsers such as Mozilla Firefox.

Of particular interest is the malware’s ability to bypass App-Bound Encryption, a security measure Google Chrome recently implemented to prevent cookie theft by information stealers. Glove achieves this workaround by leveraging an additional .NET payload known as zagent.exe, which bypasses App-Bound Encryption using the IElevator service.

By successfully circumventing this security measure, Glove poses a significant threat as an advanced information-stealing malware capable of extracting sensitive data including passwords and cryptocurrency wallets from compromised browsers.
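For defenders, the behaviour described above can be hunted in endpoint file-access telemetry. The following is an added example, not code from the original article or the researcher's analysis: it flags the payload name the report gives (zagent.exe) and any non-browser process opening a browser credential store. The event format, the browser image names and the profile file names are assumptions, and the sample events are constructed.

```python
import ntpath  # parses Windows paths correctly on any OS

# Assumption: image names of legitimate browsers allowed to open their own stores.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "brave.exe", "firefox.exe"}
# Assumption: profile files that hold cookies, saved logins and key material.
SENSITIVE_FILES = {"login data", "cookies", "local state", "web data",
                   "logins.json", "key4.db", "cookies.sqlite"}
# The only file name the article itself gives for the helper payload.
NAMED_PAYLOADS = {"zagent.exe"}

# Constructed sample telemetry: (process image path, file path it opened).
SAMPLE_EVENTS = [
    (r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies"),
    (r"C:\Users\alice\AppData\Local\Temp\zagent.exe",
     r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Local State"),
    (r"C:\Users\alice\Downloads\invoice_viewer.exe",
     r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\logins.json"),
    (r"C:\Program Files\Mozilla Firefox\firefox.exe",
     r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\key4.db"),
    (r"C:\Windows\System32\notepad.exe", r"C:\Users\alice\Documents\notes.txt"),
]

REASON_NAME = "process name matches payload named in the report"
REASON_ACCESS = "non-browser process opened a browser credential store"

def triage(events):
    """Return (image, target, reasons) for every event worth an analyst's look."""
    findings = []
    for image, target in events:
        proc = ntpath.basename(image).lower()
        fname = ntpath.basename(target).lower()
        reasons = []
        if proc in NAMED_PAYLOADS:
            reasons.append(REASON_NAME)
        # Image names can be spoofed, so a match on the allowlist is not proof
        # of legitimacy; pair this with signer and path checks in production.
        if fname in SENSITIVE_FILES and proc not in BROWSER_IMAGES:
            reasons.append(REASON_ACCESS)
        if reasons:
            findings.append((image, target, reasons))
    return findings

if __name__ == "__main__":
    for image, target, reasons in triage(SAMPLE_EVENTS):
        print(f"{image} -> {target}: {'; '.join(reasons)}")
```

A file name alone is a weak indicator because it is trivially changed; the access-pattern rule is the one that survives a renamed payload.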

As always, the responsibility of protecting against such threats lies with end-users who can mitigate risks by remaining vigilant against unsolicited communications. Increased awareness of phishing tactics can help users safeguard their devices from potential cyber threats.
