VoidStealer Trojan Bypasses Chrome Security
INDIA — By BharatSecure Threat Intelligence Team
Verdict: Suspicious | Risk Score: 9/10 | Severity: critical
Category: phishing
How VoidStealer Trojan Bypasses Chrome Security Works
The new VoidStealer Trojan employs an innovative technique to circumvent Chrome's App-Bound Encryption. This allows the malware to hijack user sessions and steal sensitive data stored within the browser.
How This Scam Works — Detailed Explanation
The VoidStealer Trojan operates by first targeting unsuspecting users on popular platforms like social media and instant messaging applications such as WhatsApp. Scammers craft messages that appear legitimate, often mimicking well-known companies or even friends. Users may receive links to fake websites or downloadable files disguised as necessary updates, making it easy for them to inadvertently invite the malware into their systems. For instance, a user might receive a WhatsApp message claiming to be from their bank, instructing them to update their account information due to a security breach, which leads to the installation of the VoidStealer Trojan.
This Trojan employs psychological tricks to manipulate victims into lowering their guard. Scammers often create a sense of urgency or fear—common tactics include threats about account freezes or fictitious penalties for not complying with requests promptly. They may also employ social engineering techniques, presenting a facade of technical expertise to convince users of their legitimacy. By making victims believe they are taking necessary actions to protect themselves, scammers can easily convince them to enter sensitive information or install harmful software onto their devices, thereby enabling the Trojan’s data theft capability.
Once the VoidStealer Trojan is in place, it works to hijack the user's web browser sessions, specifically targeting Chrome due to its widespread use in India. For example, if a victim accesses their bank's online banking platform through Chrome, the malware silently intercepts their session and captures sensitive information like UPI PINs, passwords, or personal identification numbers linked to Aadhaar. Victims may not even realize they have been compromised until they notice unauthorized transactions in their bank accounts or receive alerts that their Aadhaar information has been misused, creating a very real threat to their financial security.
The impact of the VoidStealer Trojan in India can be staggering. In the past year alone, millions of rupees have been lost due to scams involving session hijacking and data theft. Reports indicate that approximately ₹500 crore was lost in India due to various online frauds, with a significant number attributed to phishing scams that utilize Trojans like VoidStealer. The government’s Ministry of Home Affairs (MHA) and regulatory bodies like the Reserve Bank of India (RBI) have issued advisories through the Computer Emergency Response Team of India (CERT-In), urging citizens to remain vigilant about their online activities.
To distinguish between legitimate communications and scams like those involving the VoidStealer Trojan, users should always verify the source of the messages they receive. Legitimate organizations will not send unsolicited links or request sensitive information through insecure channels. Always double-check URLs by entering them manually into the browser instead of clicking on links, and pay attention to email sender addresses or social media profiles to ascertain their authenticity. Additionally, enable two-factor authentication on platforms like UPI and banking apps to add another layer of security to your accounts.
Visual Intelligence:
BharatSecure's AI has identified this as a used in scams targeting Indian users.
Who Does VoidStealer Trojan Bypasses Chrome Security Target?
General public across India
Red Flags — How to Identify VoidStealer Trojan Bypasses Chrome Security
- VoidStealer
- Trojan
- Chrome
- App-Bound Encryption
- data theft
- session hijacking
- malware
What To Do If You Encounter VoidStealer Trojan Bypasses Chrome Security
- Report suspicious activity immediately by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in.
- Contact your bank's helpline (SBI 1800-11-1109, HDFC 1800-202-6161) to freeze your account if you suspect data theft.
- Change your passwords, especially for sensitive accounts, and ensure they are strong and unique.
- Run a complete antivirus scan on your device to detect and remove the VoidStealer Trojan.
- Educate yourself on phishing tactics to help detect future scams effectively.
- Regularly monitor your bank statements and UPI transactions for any unauthorized activity.
How to Report VoidStealer Trojan Bypasses Chrome Security in India
- Call 1930 — National Cyber Crime Helpline (24x7)
- File a complaint at cybercrime.gov.in
- Contact your bank immediately if money was lost
- Call RBI helpline: 14440 for banking fraud
Frequently Asked Questions
- What to do if I shared my OTP in a phishing scam?
  - Immediately inform your bank using SBI's helpline at 1800-11-1109 or HDFC's at 1800-202-6161. They can help secure your account and monitor any suspicious activities.
- How can I identify the VoidStealer Trojan in my system?
  - Look for unknown browser extensions, unusual pop-ups, or sudden slow performance in Chrome, as these may indicate the presence of the VoidStealer Trojan.
- How do I report this type of scam in India?
  - You can report this scam by calling the cybercrime helpline at 1930 or filing a report at cybercrime.gov.in. Additionally, inform your bank about the fraud.
- How can I recover money or protect my accounts after this scam?
  - Contact your bank immediately to report any unauthorized transactions and work with them to secure your account. Change your passwords and monitor your accounts closely for any further suspicious activity.
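The FAQ's advice to look for unknown browser extensions can be checked on disk rather than by eye. The following is an added example, not BharatSecure's code: it walks a Chrome profile's `Extensions/<id>/<version>/manifest.json` files and flags extensions that are off an allowlist and request session-relevant permissions. The `RISKY` set, the allowlist and the sample extensions are assumptions constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

# Permissions that let an extension read sessions or page content (assumed review list).
RISKY = {"cookies", "webRequest", "debugger", "<all_urls>", "*://*/*"}

def audit_extensions(profile_dir, allowlist):
    """Return one finding per extension found under <profile>/Extensions."""
    findings = []
    for manifest in sorted(Path(profile_dir, "Extensions").glob("*/*/manifest.json")):
        ext_id = manifest.parent.parent.name
        try:
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            findings.append({"id": ext_id, "name": "?", "unknown": True,
                             "risky": ["unreadable manifest"]})
            continue
        requested = set()
        for key in ("permissions", "optional_permissions", "host_permissions"):
            requested.update(p for p in data.get(key, []) if isinstance(p, str))
        findings.append({
            "id": ext_id,
            "name": data.get("name", "?"),
            "unknown": ext_id not in allowlist,
            "risky": sorted(requested & RISKY),
        })
    return findings

def needs_review(findings):
    """IDs of extensions that are off the allowlist and hold risky permissions."""
    return [f["id"] for f in findings if f["unknown"] and f["risky"]]

def build_sample_profile(root):
    """Constructed sample data: two made-up extensions with made-up IDs."""
    samples = {
        "a" * 32: {"name": "Known Notes", "version": "1.0", "permissions": ["storage"]},
        "b" * 32: {"name": "Free Update Helper", "version": "0.1",
                   "permissions": ["cookies", "tabs"], "host_permissions": ["<all_urls>"]},
    }
    for ext_id, manifest in samples.items():
        folder = Path(root, "Extensions", ext_id, manifest["version"] + "_0")
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for f in audit_extensions(build_sample_profile(tmp), allowlist={"a" * 32}):
            print(f)
```

A clean result covers only the extension indicator; malware running outside the browser does not need an extension, so the antivirus scan and account steps above still apply.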
Verify Any Suspicious Message
Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.