Malware exposes passwords saved in browsers – Check your data now

Malware exposes passwords saved in browsers - Check your data now
© Benoit Daoust | Dreamstime.com

There are plenty of passwords we need to remember for online accounts, but too many people make the mistake of using the same one for multiple sites. If one site is breached, your other accounts are also at risk.

There are a few options to make remembering account credentials easier. One of the most convenient ways is using your browser’s ability to store them for you.

But that can also be the most dangerous. Read on to find out how malware is putting your saved passwords at risk.

Here’s the backstory

When you log into a website or service for the first time, most web browsers will ask whether the credentials should be saved. Doing so makes it easier to log in the next time, as the username and password will be filled in automatically.

But there isn’t much security behind that option. That is precisely what an unnamed company found out when its system was breached through the credential-saving option. According to cybersecurity company AhnLab, the password and username function had been breached through malware, giving hackers access to the impacted company’s files.

Details of the breach are sparse, but the hacked company provided remote workers with access to a virtual private network (VPN). VPN software allows workers to remotely access the company’s servers over a secure connection.

Unfortunately, the username and password to the VPN were stored in one employee’s browser. Cybercriminals used a malware program called Redline Stealer to extract the stored VPN credentials. This gave hackers the ability to access the company’s files.

Redline Stealer is sold on the black market for less than $200, so tracking down the culprits will be nearly impossible. This nightmare scenario impacted one company in the example given by AhnLab. But it can happen to anyone that uses a web browser to save passwords.

To make matters worse, roughly 441,000 accounts are known to have been compromised by RedLine following the discovery of an exposed server. You can see if your email address was part of that at Have I Been Pwned.

What you can do about it

It might be convenient to have your browser automatically store usernames and passwords, but there is a clear security risk in doing so. The feature is enabled by default in any Chromium-based browsers like Google Chrome and Microsoft Edge.

Browsers store credentials in a Login Data file, and it was this file hackers attacked to retrieve the information. Here are some ways to prevent this type of breach.

  • Make sure that you have trustworthy antivirus software that can scan for threats. We recommend our sponsor, TotalAV. You can get complete protection for a whole year at ProtectWithKim.com, all for just $19! That’s an incredible deal.
  • Instead of letting a browser store your credentials, use a password manager. They are much more secure, and you only need to remember one master password.

Tags: accounts, antivirus, breaches, browser, Credentials, cybercriminals, cybersecurity, cybersecurity company, Google Chrome, malware, password managers, passwords, protection, security, security risk, username, web browser, wireless