Tag
high
advisory
Unauthorized Access to Chrome Local State File
2 rules 1 TTPDetection of non-Chrome processes accessing the Chrome 'Local State' file, potentially leading to extraction of the master key used for decrypting saved passwords.
Chrome +3
credential-access
password-stealing
2r
1t
high
advisory
Non-Chrome Process Accessing Chrome Login Data
2 rules 1 TTPThis analytic identifies non-Chrome processes accessing the Chrome user data file 'login data', which is an SQLite database containing sensitive information like saved passwords, potentially leading to credential theft.
Chrome +3
credential-access
password-stealing
windows
2r
1t