VoidStealer Trojan Bypasses Chrome Security — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 17, 2026

Severity: CRITICAL | View Full Scam Details

VoidStealer Trojan Scam 2026: How It Bypasses Chrome Security and Targets Indian Users via Phishing

In 2026, Indian internet users face a critical cybersecurity threat as the VoidStealer Trojan bypasses Chrome’s defenses, stealing sensitive data through phishing attacks on popular platforms like WhatsApp.

What Is the VoidStealer Trojan Bypasses Chrome Security?

The VoidStealer Trojan is a dangerous piece of malware actively targeting Indian users in 2026 by evading Google Chrome’s built-in security features. Unlike ordinary phishing scams, this Trojan uses sophisticated methods to slip past security warnings, making it a critical threat with a risk score of 9/10. Its main aim is to steal banking credentials, UPI PINs, Aadhaar-linked information, and personal data.

This scam mainly targets everyday internet users who rely on mobile phones and desktop browsers to access digital banking, UPI apps, and communication platforms such as WhatsApp and Facebook Messenger. The malware’s widespread presence has been flagged by CERT-In and the Indian government’s Integrated Cyber Crime Coordination Centre (I4C), highlighting increasing incidents involving financial frauds and identity theft linked to this Trojan.

Reports show that the scam is growing across India, especially among first-time digital users who are less familiar with how phishing and malware operate. The Reserve Bank of India (RBI) has issued warnings reminding users to be vigilant, since these attacks often result in unauthorized UPI fund transfers or SIM swap-related frauds.

How This Scam Works — Step by Step

Here’s a clear breakdown of how scammers deploy the VoidStealer Trojan to dupe victims:

1. Initial Contact via WhatsApp or Social Media: The victim receives a message claiming to be from a trusted source — either their bank, a government agency, or even a friend. The message appears urgent, warning of a security breach or a required account update.

2. Malicious Link or File Shared: The message contains a link to a fake website or a downloadable file disguised as an "essential update" (e.g., browser update, bank app patch). Because the Trojan can bypass Chrome’s security, the link may not trigger usual phishing warnings.

3. Victim Clicks and Installs Malware: Clicking the link or installing the file infects the user’s device with the VoidStealer Trojan. The malware integrates without noticeable symptoms, silently harvesting saved credentials, cookies, UPI apps, and Aadhaar data.

4. Data Extraction and Exploitation: Using stolen credentials, scammers initiate unauthorized transactions on UPI apps or access Aadhaar-linked services. They may also attempt SIM swap frauds to intercept OTPs and bypass 2FA.

5. Financial Loss Occurs: Within hours or days, victims discover unauthorized fund transfers in INR, blocked accounts, or locked digital wallets. Victims are often helpless as RBI does not allow reversals of successful UPI transactions easily, amplifying the damage.

Real Warning Signs to Watch For

• Unexpected WhatsApp or social media messages urging urgent action with alarming language.
• Links that lead to login pages with slight misspellings or weird URLs (e.g., yourbank-secure.instead of yourbank.in).
• Requests to download browser updates or banking app patches directly through chat messages.
• Messages claiming your Aadhaar or UPI accounts are "blocked" or "compromised," pushing you to update info immediately.
• Poor grammar or unusual phrasing in messages supposedly from banks or government agencies.
• Any request for sharing OTPs, PINs, passwords, or Aadhaar details directly via message.
• Inability of your Chrome browser to flag suspicious links after clicking.

What Happens to Victims

Victims of the VoidStealer Trojan face more than just financial loss. In India, these scams often lead to permanent funds depletion via UPI apps since RBI refunds for such frauds are rare and slow. Many users have reported blocked accounts and difficulties restoring normalcy due to Aadhaar misuse or SIM swap fraud, which lets scammers intercept OTPs and 2FA codes.

Emotionally, victims feel violated and helpless since the malware remains invisible for long periods, delaying detection. The fear of identity theft also affects victims’ willingness to use digital platforms again, leading to digital exclusion in a country rapidly moving towards digital payments and governance.

What RBI and CERT-In Say

The Reserve Bank of India has highlighted phishing and Trojan malware as key threats in its Consumer Protection guidelines and advised users to avoid clicking on suspicious links or downloading files from untrusted sources. RBI’s helpline for reporting financial fraud is available at 1800-112-191.

CERT-In (Indian Computer Emergency Response Team) has issued advisories on the VoidStealer Trojan, urging users to regularly update their devices, use strong app permissions, and report suspicious cybercrime at the national helpline 1930. CERT-In has also coordinated with I4C to monitor these phishing campaigns and work with ISPs to block malicious domains.

How to Protect Yourself

1. Never Click Links from Unknown or Unexpected Messages: Especially if they ask for personal info or app updates.
2. Verify Messages with Official Sources: Contact your bank via official phone numbers or apps instead of trusting WhatsApp forwards.
3. Use Multi-Factor Authentication (MFA): Prefer authenticators over SMS-based OTPs where possible to prevent SIM-related hacks.
4. Keep Chrome and Your Apps Updated: But only through official app stores or browser settings, never from third-party links.
5. Enable Browser Security Features: Use Google Safe Browsing and confirm suspicious URLs before entering credentials.
6. Avoid Sharing OTPs or PINs Anytime: No legitimate entity will ask you to share these via message or call.
7. Regularly Monitor Bank and UPI Transactions: Check your bank statements daily and immediately report any unknown debits.

What to Do If You’ve Been Targeted

• Immediately Contact Your Bank and UPI Provider: Request to block or freeze your accounts to prevent further fraud.
• Report the Incident to CERT-In: Call the national cybercrime helpline at 1930 and file an online complaint at cybercrime.gov.in.
• Inform Your Mobile Operator: To check for SIM swap activity and secure your mobile number.
• Change All Passwords and Enable MFA: On your banking apps, email, and Aadhaar-linked accounts.
• File a Police Complaint: Take a cybercrime FIR at your local police station or via cybercrime.gov.in.
• Monitor Credit Reports: Use platforms approved by RBI to watch for identity theft or loan fraud attempts.

Frequently Asked Questions

Q: How does VoidStealer bypass Chrome security?
A: VoidStealer uses advanced phishing tactics and disguises itself as trusted updates or websites, tricking Chrome’s security filters and users into installing malware without triggering obvious warnings.

Q: Can UPI transactions be reversed if I lose money to this scam?
A: Unfortunately, RBI does not guarantee reversal for successful UPI transactions because UPI payments are instantaneous. Immediate reporting and preventive blocking are crucial to minimize losses.

Q: Is it safe to update apps or browsers from links sent on WhatsApp?
A: No. Always update apps or browsers only through official app stores or settings menus. Third-party links can be malicious and install malware like VoidStealer.

Stay alert and protect yourself from phishing scams like VoidStealer Trojan. Unsure about a message or link? Verify immediately at BharatSecure.app — your trusted shield against digital fraud.