Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
How malware steals autofill data from browsers
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How malware steals autofill data from browsers
harlan4096 Online
MalWare Zoo Team
*******
Posts: 12,811
Threads: 8,846
Thanks Received: 8,733 in 6,894 posts
Thanks Given: 9,634
Joined: 12 September 18
#1
Exclamation  11 August 19, 09:48
Quote:
[Image: browser-data-theft-featured.jpg]

Most browsers kindly offer to save your data: account credentials, bank card details for online stores, billing address, name, and passport number for travel sites, and so on. It’s convenient and saves having to fill out the same forms all over again or worry about forgotten passwords. However, there is a catch: All of this autofill data can be scooped up by cybercriminals if your computer gets infected by a stealer — a piece of malware that steals information, including from browsers.

Such programs are becoming increasingly popular with online scammers: In the first half of this year alone, Kaspersky’s security products detected more than 940,000 stealer attacks. That is a one-third increase from the same period of 2018.

Strictly speaking, stealers are interested in more than just browsers’ autofill data — they are also looking for cryptocurrency wallets and gaming data, and they steal files from the desktop as well (we hope you don’t store valuable information there, such as password lists).

However, browsers have become a hub of work and play, including shopping, banking and more, and are often a source of far more confidential information than other programs. Let’s take a look at how stealers get their thieving hands on browser data.

How browsers store your autofill data

Browser developers seek to protect the information entrusted to them. To do so, they encrypt it, and decryption is possible only on the same device and from the same account that saved it. So if someone simply steals a file with autofill data, they won’t be able to use it — everything in it is securely encrypted.

But, there’s a but. By default, browser developers assume that your device and account are well protected, meaning that any program running from your account on your computer is acting on your behalf and therefore should be able to extract and decrypt saved data. Unfortunately, this also applies to malware that has penetrated the device and is running under your account.

The only browser that offers extra protection for stored data against third parties is Firefox, which allows you to create a master password that you have to enter when you need the data to be decrypted and used for autofill. However, this option is disabled by default.
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • silversurfer
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
GFYI [Official] VTubeGo Downloader 2004...
ENTRY#2 "Sha...damien76 — 20:44
How to turn off App Promotions in Window...
Starting next month...harlan4096 — 10:05
UltraSearch 4.1.3.915
UltraSearch 4.1.3....harlan4096 — 10:01
ESET 17.1.11.0
ESET 17.1.11.0: ...harlan4096 — 10:00
AdGuard VPN for Mac 2.3.1
AdGuard VPN for Ma...harlan4096 — 09:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (49)steakelask
avatar (43)Termoplenka
avatar (49)Toligo

[-]
Online Staff
There are no staff members currently online.

>