I'm wondering what that costs and how it works. Do you send them bitcoin or whatever and they send you a binary or what? How much do you pay for it? Never really found a proper explanation of how that stuff works, especially when you read about 0-day exploits.
I remember some sellers were offering turnkey modified ZeuS back in the day.
If I store production keys or certificates on my usual ext4 filesystem, all changes are written to the ext4 journal. Thus deleting the files technically isn't enough - even with shred. A ramdisk would avoid this issue and would automatically wipe itself on shutdown.
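Following the ramdisk suggestion above, an added example (not part of the original comment) that checks whether a key file's path sits on a memory-backed mount by parsing `/proc/mounts`-format text. The sample mount table, the paths and the function names are constructed for illustration.

```python
import posixpath

RAM_BACKED = {"tmpfs", "ramfs"}  # memory-backed filesystem types

# Constructed sample in /proc/mounts format (not taken from the thread).
SAMPLE_MOUNTS = """\
/dev/sda2 / ext4 rw,relatime 0 0
tmpfs /run tmpfs rw,nosuid,nodev,mode=755 0 0
ramfs /mnt/key\\040store ramfs rw,relatime 0 0
"""


def _unescape(field):
    # /proc/mounts writes space, tab, newline and backslash as octal escapes.
    for code, char in (("\\040", " "), ("\\011", "\t"), ("\\012", "\n"), ("\\134", "\\")):
        field = field.replace(code, char)
    return field


def parse_mounts(text):
    """Return [(mount_point, fstype), ...] from /proc/mounts-format text."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3:
            mounts.append((_unescape(fields[1]), fields[2]))
    return mounts


def fstype_for(path, mounts):
    """Filesystem type of the deepest mount point containing path.

    The path is normalised lexically; symlinks are not resolved.
    """
    path = posixpath.normpath(path) + "/"
    best_point, best_type = "", None
    for mount_point, fstype in mounts:
        prefix = mount_point.rstrip("/") + "/"
        # ">=" lets a later mount on the same point shadow an earlier one.
        if path.startswith(prefix) and len(prefix) >= len(best_point):
            best_point, best_type = prefix, fstype
    return best_type


def is_ram_backed(path, mounts):
    return fstype_for(path, mounts) in RAM_BACKED


if __name__ == "__main__":
    table = parse_mounts(SAMPLE_MOUNTS)  # live host: open("/proc/mounts").read()
    for p in ("/etc/ssl/private/server.key", "/run/keys/tls.key", "/mnt/key store/prod.pem"):
        print(p, fstype_for(p, table), is_ram_backed(p, table))
```

Note that tmpfs pages can be written out to swap, while ramfs pages cannot, so a tmpfs result only means "not on the journaled disk filesystem" if swap is disabled or encrypted.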
It took me at most 20 minutes to implement, while just for cookies, the passwords would be equally trivial.
How does that work? Doesn’t it need the admin password, or are Chrome credentials just sitting around in a really easy to decrypt format?
If you can execute code on the computer (as the user), you can decrypt the credentials.
Scary how easy it is to steal it all :(
The problem is that programs gain too many privileges they do not need (yet) without consent from the user.
This kind of attack wouldn't work on Qubes OS, a well-configured SELinux, or a well-configured capability-based OS.