Potential Data Stealing Via Chromium Headless Debugging (3e8207c5-fcd2-4ea6-9418-15d45b4890e4)

Detects chromium based browsers starting in headless and debugging mode and pointing to a user profile. This could be a sign of data stealing or remote control

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Hidden Window - T1564.003 (cbb66055-0325-4111-aca0-40547b6ad5b0)	Attack Pattern	Potential Data Stealing Via Chromium Headless Debugging (3e8207c5-fcd2-4ea6-9418-15d45b4890e4)	Sigma-Rules	1
Potential Data Stealing Via Chromium Headless Debugging (3e8207c5-fcd2-4ea6-9418-15d45b4890e4)	Sigma-Rules	Browser Session Hijacking - T1185 (544b0346-29ad-41e1-a808-501bb4193f47)	Attack Pattern	1
Hidden Window - T1564.003 (cbb66055-0325-4111-aca0-40547b6ad5b0)	Attack Pattern	Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8)	Attack Pattern	2