How does Storm malware bypass security measures?

Storm malware bypasses security by targeting session cookies, which allows attackers to hijack user sessions remotely without needing passwords or multi-factor authentication.

Why is Storm malware considered stealthy?

Storm malware is stealthy because it processes stolen data server-side, avoiding local decryption and thus reducing visibility for endpoint security tools.

How is Storm malware distributed?

Storm malware is distributed as a subscription service, with various pricing tiers available, making advanced account hijacking tools more accessible to cybercriminals.

Home / Technology / Hackers Steal Sessions, Bypass All Logins

Hackers Steal Sessions, Bypass All Logins

8 Apr

•

Summary

Storm malware steals session cookies, bypassing passwords and MFA.
Data is processed server-side, evading endpoint security detection.
Malware sold as a subscription service, lowering cybercrime entry barriers.

Hackers Steal Sessions, Bypass All Logins

A novel infostealer malware, identified as Storm, has emerged, fundamentally altering account compromise tactics. This malware targets session cookies, enabling attackers to bypass password requirements and even multi-factor authentication, thereby hijacking legitimate user sessions remotely. Storm operates server-side, processing encrypted browser data including credentials and session tokens for both Chromium and Gecko-based browsers. This stealthy approach diminishes visibility for endpoint security solutions by avoiding local decryption of sensitive information.