Google Chrome Enhances Security with New App-Bound Encryption to Combat Infostealer Malware

Google’s latest update introduces advanced protection against data theft, making it tougher for malware to access sensitive information.

Google Chrome has taken a major step forward in protecting user data with its latest update, introducing app-bound encryption for Windows systems. This new feature aims to bolster defenses against infostealer malware, which often targets sensitive information like cookies and passwords.

In a recent post, Chrome software engineer Will Harris explained that while Chrome already uses robust security measures provided by various operating systems—such as Keychain services on macOS, kwallet or gnome-libsecret on Linux, and the Data Protection API (DPAPI) on Windows—these protections have limitations.

To address this, Chrome 127 introduces a new layer of security called App-Bound Encryption. This feature enhances DPAPI by encrypting data tied to the app’s identity, similar to how Keychain functions on macOS. By using a new Windows service that operates with 'SYSTEM' privileges, Chrome can verify an app’s identity before allowing access to encrypted data. This means that only the intended app can decrypt the data, making it much harder for other apps, including malicious ones, to access it.

This new protection extends to passwords, payment data, and other authentication tokens, offering users enhanced security against data theft. The update complements other recent security measures in Chrome, such as Safe Browsing for downloads, Device Bound Session Credentials, and account-based threat detection for stolen cookies.

Harris noted that App-Bound Encryption increases the difficulty for attackers and makes their activities more noticeable, helping defenders better detect and respond to suspicious behavior on the system.