We have so many passwords that it is very common to forget many of them, especially the ones that we usually use less. To avoid this, something very interesting is to use a key manager. There are them for mobile phones and computers, as browser extensions or even integrated into Chrome or Firefox itself. Now should we save passwords in browser? There is a new reason why it is not advisable.
RedLine malware steals browser passwords
RedLine is a new malware that directly targets the most used browsers. It specifically affects Google Chrome, Edge and Opera. The objective is to infect and steal the keys that are stored in them, in order to have full control over the victims’ accounts, such as social networks, email or any website where we have to log in.
This shows us once again the risk of storing passwords in the browser. On other occasions we have said that it is not a good idea for different reasons. One of them is in case someone has physical access to the computer, for example if we share the equipment with other people. But also in case of installing a malicious or similar plug-in.
Now it is the turn of a new malware that is capable of steal passwords that we have saved in the browser. AhnLab ASEC, in a new report, indicates that it is not a good idea to save the passwords in the browser and recommends looking for other alternatives, such as an offline key manager that we install on the computer.
East malware points to the file that records login details and passwords in Chromium-based browsers. It is a database where user names and passwords are stored.
Even if the attacker does not have the real password, he or she could know that the account exists and carry out methods such as password spraying. In this way, you could take control of those accounts thanks to the RedLine malware. If the victim has not stored any keys in Chrome or any of the affected browsers, there would be no problem.
Tips to avoid key theft
So what can we do to prevent our passwords from being stolen in the browser? The first thing, what we have seen in this article, is avoid storing keys there. This will close many doors to hackers and we will prevent attacks such as through the RedLine malware.
But beyond that, it is essential to have the protected equipment. A good antivirus, such as Windows Defender or Avast, allows detecting malicious files and programs that may contain viruses that steal passwords.
It is also convenient to have the latest versions at all times. This we must apply to the browser, of course, but also to the operating system itself. In this way we will be able to correct possible vulnerabilities that may be present and are exploited.
In short, if you store passwords in the browser it is not a good idea. As we have seen, it is possible that varieties of malware appear that are precisely responsible for stealing those keys that are saved in Chrome and other browsers. It is better to look for other alternatives.