Internet experts are alerted to the dangers of storing passwords on browsers like Chrome or Edge after the arrival of a cheap and readily available malware, known as Redline Stealer, which can be purchased from shady areas of the Internet for as little as $150.
AhnLab Security issued a warning about it after they dealt with a security breach that affected a company employing remote workers.
“The affected company provided a VPN (Virtual Private Network) service to employees who were working from home to grant access to the company’s intranet, and employees connected to the VPN on the provided laptops or computers,” the researchers explained.
The target employee used the password management feature provided by the web browser to save and use the account and password for the VPN website on the web browser for the company.”
As more people in the UK continue to work from home during the Covid-19 attack, these types of hacks are becoming an even greater threat, and with many people using browsers to store a long list of passwords that the average person accumulates, it appears to be a potential target.
In fact, the password manager feature is enabled by default on any browser built on the Chromium code base - which includes Google Chrome and Microsoft Edge. The Redline Stealer, which debuted on the Russian Dark Web, works by targeting the database file where Account information and password are stored.
It is spread through the phishing tactics of hackers, with the researchers writing: “Redline Stealer first appeared in March 2020, and phishing messages were used that offend the Covid-19 issue,” they added, “It is known that the malware was then distributed in various ways such as Phishing emails, misusing Google ads, and masquerading as photo editing software."
But it should be noted that malware is far from widespread at this point, and server companies will likely adapt to make their products more secure in future updates, although built-in browser password managers may not be as secure as services like OnePassword, which released a document Of the 40 pages describing their encryption processes, they're still more secure than not using one at all and using the same password for everything.