research poc
Proof-of-Concept Tool Bypasses Chrome App-Bound Encryption to Extract Browser SecretsChrome-App-Bound-Encryption-Bypass
A publicly released proof-of-concept tool demonstrates in-memory bypass of Chromium's App-Bound Encryption (ABE) to extract cookies, passwords, browsing history, autofill data, and payment information from Chrome, Brave, and Edge without admin privileges. The tool uses direct syscall-based reflective process hollowing to evade endpoint defenses and operates filelessly. It highlights a technique that could be adopted by attackers to steal sensitive browser data.