Many use their browsers to store passwords for various sites. But this harbors dangers – not only for private users, but also for companies whose employees are in the home office.
The fact that many people are working from home due to the Corona pandemic is currently being increasingly exploited by hackers. Their target is login data and passwords stored in the browser.
Complete company network hacked
Storing login credentials in browsers like Google Chrome and Mozilla Firefox is widely used. The feature is quite handy as it allows users to save their passwords for various websites and automatically enter them when logging in. Normally, password storage is quite secure. However, since many people currently access corporate networks from home, hackers now have one more reason to steal the passwords.
Researchers from security firm AhnLab investigated a data breach in a company network and made a frightening discovery. The company provided its employees with VPN (Virtual Private Network) access. This allowed direct access to the company’s internal network. The data breach was caused by an employee who used the password management function of a web browser to save the access data for the VPN access. But what he didn’t know was that the PC was infected with malware. The malware leaked access data for numerous sites, including VPN access to the company network. A few months later, hackers were able to use these login data to access internal company information.
Experts recommend not to save passwords in the browser
The malware is the widely used “Redline Stealer” software. In the darknet, the hidden part of the Internet that is only accessible under certain precautions, the malware can be purchased quite easily for as little as 150 US dollars (about 133 euros). According to AhnLab first attacks with “Redline Stealer” date back to March 2020 – right at the time of the global outbreak of the Corona pandemic. The malware is hidden, for example, in phishing emails, Google’s ad playout and in innocuous software such as image editors. The employee who caused the data leak had caught the malware through a cracked program. He had installed this from an illegal source.
AhnLab security researchers now warn against using the browser’s password management feature – especially for employees who are currently home office bound: “Although the browser’s account credentials storage feature is convenient, there is a risk of data loss due to malware infection. Users are therefore advised to forgo the feature and only use programs from secured sources.”
- ASEC AhnLab