Storm is a new Windows-based infostealer that evades endpoint detection by offloading browser credential decryption to attacker-controlled servers. It features an automated session hijacking capability that restores stolen cookies via SOCKS5 proxies, granting attackers immediate authenticated access to enterprise SaaS and cloud environments while bypassing MFA.