The Qilin ransomware variant has been spotted successfully exfiltrating sensitive data stored in the Google Chrome browser.
Researchers from Sophos revealed how a criminal group used previously compromised credentials to access the IT infrastructure of an unnamed organization.
The Qilin ransomware operation steals credentials stored in Google Chrome browsers on network endpoints connected to the initially compromised machine.
Organizations are advised to rely on password managers and enable multi-factor authentication (MFA) to minimize the risk of falling victim to such attacks.