The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

The new Storm infostealer operates by hijacking browser sessions and decrypting data server-side, a shift from traditional methods that evaded endpoint security. For a monthly fee, it harvests credentials, session cookies, and crypto wallets, enabling attackers to gain authenticated access to SaaS platforms and cloud environments without triggering alerts.