RedLine Malware Shows Why Passwords Should Not be Saved in Browsers

posted by martyb on Wednesday December 29, @11:13PM
from the security-vs-convenience dept.
The RedLine information-stealing malware targets popular web browsers such as Chrome, Edge, and Opera, demonstrating why storing your passwords in browsers is a bad idea.

This malware is a commodity information-stealer that can be purchased for roughly $200 on cyber-crime forums and be deployed without requiring much knowledge or effort.

However, a new report by AhnLab ASEC warns that the convenience of using the auto-login feature on web browsers is becoming a substantial security problem affecting both organizations and individuals.

[...] Using your web browser to store your login credentials is tempting and convenient, but doing so is risky even without malware infections.

By doing so, a local or remote actor with access to your machine could steal all your passwords in a matter of minutes.

Instead, it would be best to use a dedicated password manager that stores everything in an encrypted vault and requests the master password to unlock it.

Moreover, you should configure specific rules for sensitive websites such as e-banking portals or corporate asset webpages, requiring manual credential input.

Finally, activate multi-factor authentication wherever this is available, as this additional step can save you from account take-over incidents even if your credentials have been compromised.

  • (Score: 2) by choose another one (515) on Wednesday December 29, @11:58PM (#1208587)

    Right here:

    a local or remote actor with access to your machine could steal

    Such an actor can access browser files, as you, whoop dee doo. They can also access "dedicated password manager" files (as you), run a keylogger (as you) and have all your "dedicated password manager" stored passwords the second you retrieve one of them with the passphrase. This is better? - well for certain values of "better" which may or may not depend on whether you have connections to selling password managers...

    Solution: make sure a local or remote actor _doesn't_ have access to your machine, or use 2FA and make sure they don't have access to second factor.

