This nightmare incident shows why you really shouldn't store passwords in your browser

An unnamed company was recently breached after an employee stored their corporate account password in their web browser, a new report suggests.

According to research from security company AhnLab, the employee was working from home on a device shared with other household members, which was already infected with Redline Stealer, an infostealing malware.

Although the computer was equipped with antivirus software, the malware was able to evade detection, before stealing the passwords stored in the victim's browser.

Password snafu

In a bid to protect their corporate network from remote workers with infected devices, the company in question provided employees with a VPN, so that they could access their work files securely.

However, this particular employee stored the login credentials for the VPN in their browser, which was later infiltrated by the malware. Three months later, the company was breached using these credentials.

Given that Redline Stealer malware is being sold online (for roughly $150 - $200), it’s very hard to say who is behind this specific attack.

Cybersecurity experts from AhnLab have warned users to refrain from storing passwords in the browser, despite the convenience. A password manager is a much better option, they say, especially when paired with a security key or another form of multi-factor authentication.



Contributer : Techradar - All the latest technology news https://ift.tt/3FDxEV5

This nightmare incident shows why you really shouldn't store passwords in your browser This nightmare incident shows why you really shouldn't store passwords in your browser Reviewed by mimisabreena on Thursday, December 30, 2021 Rating: 5

No comments:

Sponsor

Powered by Blogger.