Chrome for Windows adds app-linked encryption to block malware

July 31 (Portaltic/EP) –

Google has announced that the latest update to its browser Chrome for Windows Improves user data protection with app-bound encryption functionality to stop malware attacks that steal information.

The company has explained that Chrome currently protects sensitive data such as cookies and user passwords using the “strongest” techniques provided by operating systems, something that it aims to reinforce with a new layer of security.

While Google’s browser uses the Keychain services on macOS and a system-provided wallet (kwallet or gnome-libsecret) on Linux, on Windows it uses the Data Protection Application Programming Interface (DPAPI).

This protects data at rest from other system users or from cold boot attacks, where cybercriminals gain unauthorized access to sensitive data on a computer by taking over the computer and rebooting it to access the data, even after the system has been shut down.

Google has acknowledged that DPAPI “does not protect against malicious applications capable of executing code as the logged-in user,” which data thieves see as an opportunity to launch malicious campaigns.

Now, a new layer of protection arrives in Windows that improves DPAPI in the latest version of its browser, Chrome 127. This is possible because it provides App-Bound encryption. This means that the browser can now encrypt information linked to the identity of the application, a way of working similar to Keychain on macOS.

This encryption verifies the identity of the requesting application and, during encryption, encodes the application’s identity into the protected data to verify that it is valid when attempting to decrypt.

Google has also said that App-Bound runs with system privileges, so that “the attackers must do something more than simply convincing a user to run a malicious application.”

Therefore, information-stealing malware must either gain system privileges or inject code into Chrome. Because this is “something legitimate software should not do,” These actions are recognized as suspicious and are easy to detect by antivirus.

Google has announced that it will include this system in other browser services, starting with ‘cookies’ and that “in future versions” will extend this protection to passwords, payment data and other authentication tokens to “further” protect users from information-stealing malware.

The firm has finally indicated that application-linked encryption increases the cost of data theft for attackers and helps system security defense services draw “a clear line about what is acceptable behavior for other applications on the system.”