VoidStealer Trojan Bypasses Chrome Security — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 12, 2026

Severity: HIGH | View Full Scam Details

VoidStealer Trojan Scam 2026: How Cybercriminals in India Bypass Chrome Security Using Phishing

The VoidStealer Trojan is a dangerous new phishing scam targeting millions of Indian internet users by bypassing Google Chrome’s security to steal sensitive data.

What Is the VoidStealer Trojan Bypasses Chrome Security?

VoidStealer is a sophisticated Trojan malware that cybercriminals use to quietly infiltrate Google Chrome browsers, stealing passwords, banking details, and other personal information. This scam is especially concerning for India because Google Chrome dominates the browser market here — with over 70% users preferring it for daily internet activities like banking, shopping, and communication through apps like WhatsApp.

The scam primarily targets ordinary internet users across India, from young professionals to senior citizens, exploiting common digital behaviours. Scammers send fake messages impersonating trusted entities such as banks, government services (Aadhaar or the Income Tax Department), and popular apps, luring victims into clicking malicious links. The outbreak of COVID-19 and financial hardships made these scams more effective, as people were more trusting when messages promised financial aid or job offers.

CERT-In (India’s Cyber Emergency Response Team) has issued warnings to stay vigilant against such phishing Trojans, especially as scammers keep evolving to bypass browser security measures. The Indian government’s I4C (Indian Cyber Crime Coordination Centre) has also classified such scams as high risk, giving this one a 7/10 severity score.

How This Scam Works — Step by Step

1. Targeted WhatsApp Message or Email: You receive a message on WhatsApp or email pretending to be from your bank, government agency, or popular app. The message contains urgent instructions — like verifying your UPI account, confirming a job offer, or claiming a COVID relief fund.

2. Malicious Link Clicked: When you click the link, it appears to direct you to a legitimate-looking website or application. The site asks for login details or Aadhaar authentication — often mimicking official designs to build trust.

3. VoidStealer Trojan Downloaded: Behind the scenes, the Trojan silently downloads onto your device by exploiting Chrome browser vulnerabilities. It bypasses Chrome’s usual security alerts so you don’t notice any red flags.

4. Data Extraction Begins: Once installed, VoidStealer accesses saved passwords, bank credentials, UPI PINs, and even extracts OTPs (One Time Passwords) received on your phone. If your Aadhaar number was entered, it can harvest KYC details.

5. Account Takeover and Fraud: Scammers use this sensitive data to immediately make transactions through UPI, SIM swap your mobile number to intercept OTPs, or access your bank accounts to transfer money. Victims only realise after losing money or identity theft occurs.

Real Warning Signs to Watch For

• Unsolicited WhatsApp or SMS messages urging urgent action like "Verify UPI now," or "Claim govt. aid immediately"
• URLs that look similar but are slightly misspelled or have strange domain endings (e.g., .net instead of .gov.in)
• Messages claiming to be from banks or government agencies but coming from personal phone numbers or unofficial accounts
• Requests to enter OTP, UPI PIN, or Aadhaar numbers on websites that don't start with "https://"
• Fake job offers promising high salary with no interviews or detailed application process
• Receiving unexpected pop-ups or download prompts when visiting these links on Chrome
• Browser warnings overridden or ignored that usually alert you about unsafe sites

What Happens to Victims

Once infected, victims suffer immediate financial losses as crooks quickly drain bank accounts or send money via UPI using stolen credentials. Because UPI transactions are instant and usually irreversible, reclaiming funds is difficult and time-consuming. Victims may also face Aadhaar misuse, leading to fraudulent loans or SIM swap attacks that further compromise mobile security.

Emotionally, many experience stress, anxiety, and loss of trust in digital banking. Seniors and less tech-savvy users, who form a significant part of India’s digital growth, are especially vulnerable. The fear of identity theft and the hassle of restoring accounts leads to prolonged distress.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) has repeatedly alerted users to beware of phishing attacks, advising never to share UPI PINs or OTPs and always using only official bank apps or websites. RBI helpline numbers can help report suspicious banking transactions immediately.

CERT-In has circulated advisories on the VoidStealer Trojan and similar malware, urging users and organisations to update browsers regularly, avoid clicking unknown links, and use device security solutions. They also highlight the importance of reporting incidents on cybercrime.gov.in and using the 1930 cybercrime helpline to seek quick government assistance.

How to Protect Yourself

1. Never click on links from unknown or suspicious WhatsApp messages or emails.
2. Always verify the sender’s identity by contacting banks or government services directly via their official website or helpline.
3. Keep your Chrome browser and device OS updated to patch known vulnerabilities.
4. Avoid entering sensitive details like UPI PIN or Aadhaar number on unfamiliar websites. Check the URL carefully for "https://" and official domain extensions (.gov.in, .bank.in).
5. Install trusted antivirus or anti-malware software and scan your device regularly.
6. Enable two-factor authentication (2FA) for mobile banking apps and UPI.
7. Be alert to unexpected pop-ups or download requests on Chrome and cancel anything suspicious.

What to Do If You’ve Been Targeted

• Immediately change all passwords linked to your bank and online accounts, especially UPI PIN.
• Contact your bank and report unauthorized transactions. Request them to block or freeze your accounts if needed.
• File a complaint on cybercrime.gov.in, providing all details about the phishing message and any transaction IDs.
• Call the national cybercrime helpline at 1930 for assistance, and reach out to the RBI helpline if banking fraud is involved.
• Alert your mobile service provider and request a SIM reissue to prevent SIM swap fraud.
• Monitor your Aadhaar-linked services regularly for any suspicious activity.

Frequently Asked Questions

Q: How can the VoidStealer Trojan bypass Chrome’s security?
A: VoidStealer exploits security vulnerabilities in Chrome that scammers constantly research. It disguises itself as legitimate software or silently downloads without triggering usual warnings, letting it steal data unnoticed.

Q: Can I recover money lost due to this scam?
A: Because UPI and banking transactions happen instantly, recovering lost money is challenging. However, immediate reporting to banks and cybercrime authorities increases chances of protection and prevents further losses.

Q: Is updating my phone enough to prevent this scam?
A: Updating is crucial but not sufficient alone. You must avoid clicking unknown links, use strong passwords, and verify all communications to protect yourself from VoidStealer and other phishing attacks.

Don’t take chances with suspicious messages asking for your bank or Aadhaar information. Verify before you click — visit BharatSecure.app to confirm if a message or link you received is safe and fraud-free. Stay alert, stay safe!