high · experimental · Linux · OCI · T1552.001

Linux Agent Reading Browser Or Session Storage

Detects AI agent processes accessing browser profile directories or session storage files, which may indicate credential or token theft driven by a hijacked agent goal.

Updated Jan 10, 2025 · OCI AI Security Team

agentic-ai · browser-data · session-theft · linux · oci · owasp-asi01

Problem Statement

Browser session storage contains authentication cookies and saved credentials for cloud consoles, including OCI. An AI agent accessing these files is almost certainly operating outside its sanctioned scope and may be attempting to harvest tokens for unauthorized access.

Sample Logs

{"timestamp":"2025-01-10T13:18:44Z","computer_name":"oci-desktop-01","user":"agent_svc","image":"/usr/bin/python3","target_filename":"/home/agent_svc/.config/google-chrome/Default/Login Data","access_type":"read"}

Required Fields

image
target_filename
user
computer_name

False Positives

  • Browser automation agents (Selenium, Playwright) that legitimately access browser profiles as part of their task
  • Backup or sync utilities running under a Python wrapper

Tuning Guidance

Allowlist known browser automation service accounts and correlate with job metadata. Flag reads of Cookies and Login Data files specifically, as these have no legitimate agent use case.
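The tuning guidance above, applied to file-access events as an added example (not the detection library's own rule logic). The interpreter prefixes, profile path markers, and the `selenium_svc` account are assumptions made for this sketch; only the first sample event comes from this page, and the rest are constructed.

```python
import json
import posixpath

# Assumptions for this example, not values taken from the library's rule:
AGENT_IMAGE_PREFIXES = ("python", "node")      # interpreters agents commonly run under
PROFILE_MARKERS = (".config/google-chrome/", ".config/chromium/", ".mozilla/firefox/")
HIGH_VALUE_FILES = {"Cookies", "Login Data"}   # files named in the tuning guidance
ALLOWLISTED_USERS = {"selenium_svc"}           # hypothetical automation service account
REQUIRED = ("image", "target_filename", "user", "computer_name")

def evaluate(event):
    """Return an alert dict for one file-access event, or None if it does not match."""
    if any(not event.get(field) for field in REQUIRED):
        return None  # the rule cannot be evaluated without its required fields
    image = posixpath.basename(event["image"])
    target = posixpath.normpath(event["target_filename"])  # collapse ../ and // first
    if not image.startswith(AGENT_IMAGE_PREFIXES) or not any(m in target for m in PROFILE_MARKERS):
        return None
    sensitive = posixpath.basename(target) in HIGH_VALUE_FILES
    allowlisted = event["user"] in ALLOWLISTED_USERS
    if allowlisted and not sensitive:
        return None  # sanctioned automation touching ordinary profile files
    return {"host": event["computer_name"], "user": event["user"], "file": target,
            "allowlisted": allowlisted, "severity": "high" if sensitive else "medium"}

SAMPLE_EVENTS = [  # first entry is the page's sample log; the other four are constructed
    '{"timestamp":"2025-01-10T13:18:44Z","computer_name":"oci-desktop-01","user":"agent_svc","image":"/usr/bin/python3","target_filename":"/home/agent_svc/.config/google-chrome/Default/Login Data","access_type":"read"}',
    '{"computer_name":"ci-runner-02","user":"selenium_svc","image":"/usr/bin/python3","target_filename":"/home/selenium_svc/.config/google-chrome/Default/Preferences","access_type":"read"}',
    '{"computer_name":"ci-runner-02","user":"selenium_svc","image":"/usr/bin/python3","target_filename":"/home/selenium_svc/.config/google-chrome/Default/Cookies","access_type":"read"}',
    '{"computer_name":"oci-desktop-01","user":"agent_svc","image":"/usr/bin/python3","target_filename":"/home/agent_svc/.mozilla/firefox/abc.default/places.sqlite","access_type":"read"}',
    '{"computer_name":"oci-desktop-01","user":"alice","image":"/opt/google/chrome/chrome","target_filename":"/home/alice/.config/google-chrome/Default/Cookies","access_type":"read"}',
]

def run(lines):
    """Parse JSON log lines and return the alerts they produce, in input order."""
    return [a for a in (evaluate(json.loads(line)) for line in lines) if a]

if __name__ == "__main__":
    for alert in run(SAMPLE_EVENTS):
        print(json.dumps(alert))
```

The allowlisted account still alerts on `Cookies`, which is this example's reading of the guidance to flag those files specifically; the `allowlisted` field is kept in the alert so it can be correlated with job metadata.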