Credential Stuffing in 2025 – How Combolists, Infostealers and Account Takeover Became an Industry

DumpBrowserSecrets is a Windows post-exploitation tool that harvests browser-stored credentials and session tokens from major browsers (Chrome, Edge, Brave, Opera variants, Vivaldi, Firefox). The report explains its App-Bound Encryption bypass (IElevator COM invoked via DLL injected into a headless Chromium process), DPAPI/NSS handling for other browsers, evasion techniques, example attack scenarios, detection opportunities, and recommended mitigations.