A new cybersecurity threat has emerged as hackers break through Google Chrome’s Application Bound Encryption, a feature designed to protect users’ cookies and other sensitive data. This development raises concerns about the security of two-factor authentication (2FA) protections in Google Chrome, particularly for Windows users.
Introduced with Chrome 127, the Application Bound Encryption feature was created to prevent cybercriminals from accessing critical data, including session cookies that allow users to remain logged in without re-authenticating. By securing cookies, Chrome’s encryption helps block credential-stealing malware from bypassing 2FA. Unfortunately, a new hacking tool has cracked this layer of protection, allowing attackers to steal and decrypt data previously shielded by Chrome’s encryption.
Security researcher Alex Hagenah, known as “xaitax,” recently released a tool called “Chrome App-Bound Encryption Decryption.” This tool leverages Chrome’s internal IElevator service to retrieve and decrypt keys, exposing data such as cookies and possibly, in the future, other targets such as passwords and payment details. Hagenah stated that the tool is intended for educational and research purposes, emphasizing that users should operate within legal and ethical guidelines.
According to Google, this tool requires administrative privileges, which indicates that Chrome’s strengthened security has been partially effective. However, with the hacking community showing how to bypass these protections, the risks to user data are now greater than before. As the battle between cybersecurity measures and cybercriminal innovation intensifies, users are urged to remain vigilant and ensure their software and operating systems are fully up to date.