Browser password vulnerabilities: How infostealers steal your credentials

Kasper Viio, Mon Oct 06 2025, 4 min read

Passwords are one of the nuisances of modern life. As more of our daily activities move online, we have an increasing number of passwords to remember (or forget).

It's therefore understandable that many people choose to save their passwords in their web browsers, along with other information such as names, email addresses, and credit card numbers.

Saving personal information in your browser is convenient, but it can be a security risk.

The threat from infostealer malware

Cybercriminals use infostealer malware to harvest data from computers and devices.

Infostealers such as RedLine, Vidar, Raccoon, and LummaC2 are available on underground forums, where the Malware as a Service (MaaS) model makes them quick and cheap to get up and running.

When a device is infected, infostealers can snatch files and data from your device swiftly, without being detected by conventional anti-virus tools. Your personal information can be for sale on the dark web within hours.

How infostealers target browser data

Infostealers that target web browsers focus on autofill data and saved passwords.

Browsers use vaults to store your data locally, usually as encrypted files. However, their security is weak due to flawed design. Common browsers, such as Google Chrome and Microsoft Edge, are engineered to assume that any app installed and running on your computer is legitimate.

Typically, when an app requests access to extract and decrypt saved data, the browser grants permission. Unfortunately, this includes requests from infostealer malware. If your device is infected with an infostealer, your browser can allow it to access and exfiltrate your passwords and other saved data.

Why password manager tools are safer than browsers

One of the main ways to protect your organisation against credential theft by infostealers is to stop storing passwords and autofill data in web browsers. Instead, use dedicated password manager tools.

Password managers store data in encrypted vaults that are separate from your browser data. They generate strong, unique passwords for your accounts and store them securely behind a master password, which must also be strong and unique. The master password is the only way to access your saved information.

Like browser storage, password manager tools save you the pain of having to remember all your passwords. However, they have several advantages:

  • Stronger encryption: Browsers encrypt the data they store using industry-standard algorithms such as AES-256. This is good, but some password managers use even stronger encryption methods.
  • Greater privacy: In a browser, your passwords are stored behind your account password, meaning they're not private. For example, in Chrome, the vault uses your Google password, which means Google could access its contents. By contrast, most password manager tools take a zero-knowledge approach. The software vendor doesn't know your master password and has no access to your data.
  • Better password hygiene: Password manager tools generate strong passwords on your behalf. When adopted across organisations, they can help to enforce password policies, eliminate password reuse, and improve overall password hygiene.
  • Support for multi-factor authentication: This provides a vital extra layer of protection for your password vault if your master password falls into the wrong hands.
  • Cross-platform compatibility: Passwords stored in a browser are only available in that browser, whereas you can connect a password manager tool to any browser on any device.
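
To check that the advice to stop storing passwords and autofill data in browsers is actually enforced, the following added example (not part of the original article or of any Cybercheck product) audits managed-policy JSON, the format Chrome reads on Linux, for three settings. PasswordManagerEnabled, AutofillAddressEnabled and AutofillCreditCardEnabled are existing Chrome and Edge enterprise policies; the file names and sample contents are constructed for illustration.

```python
import json

# Chrome/Edge enterprise policy names; each must be explicitly false for the
# browser to stop saving that kind of data.
REQUIRED_FALSE = {
    "PasswordManagerEnabled": "saved passwords",
    "AutofillAddressEnabled": "address autofill",
    "AutofillCreditCardEnabled": "payment card autofill",
}

def audit_policies(documents):
    """documents maps a source name to the JSON text of one managed-policy file.
    Returns sorted (subject, status) findings; an empty list means compliant."""
    findings, seen = [], {name: {} for name in REQUIRED_FALSE}
    for source, text in documents.items():
        try:
            data = json.loads(text)
        except json.JSONDecodeError:
            data = None
        if not isinstance(data, dict):
            findings.append((source, "unreadable"))
            continue
        for name in REQUIRED_FALSE:
            if name in data:
                # Key by JSON text so false, 0 and "false" stay distinct.
                seen[name].setdefault(json.dumps(data[name]), []).append(source)
    for name, values in seen.items():
        if not values:
            findings.append((name, "unset"))      # users may still save data
        elif len(values) > 1:
            findings.append((name, "conflict"))   # files disagree; not resolved here
        elif "true" in values:
            findings.append((name, "enabled"))
        elif "false" not in values:
            findings.append((name, "invalid"))    # present but not a JSON boolean
    return sorted(findings)

# Constructed sample input: two hypothetical policy files for one machine.
SAMPLE = {
    "10-baseline.json": '{"PasswordManagerEnabled": false, "AutofillCreditCardEnabled": false}',
    "20-helpdesk.json": '{"PasswordManagerEnabled": true, "HomepageLocation": "https://intranet.example"}',
}

def describe(findings):
    return [f"{subject}: {status}" + (f" ({REQUIRED_FALSE[subject]})" if subject in REQUIRED_FALSE else "")
            for subject, status in findings]

if __name__ == "__main__":
    print("\n".join(describe(audit_policies(SAMPLE))))
```

A policy that is merely unset is reported as a finding because the browser then leaves the choice to the user; conflicting files are reported rather than resolved because no precedence order is assumed here.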

Credential theft prevention: Strategies to protect your organisation from infostealers

Even if you use password manager tools, it's still vital to prevent your computers and devices from becoming infected with infostealer malware. Therefore:

  • Provide security awareness training: Ensure everyone in your organisation understands the danger from infostealers, and how they're spread through phishing and social engineering.
  • Define your password policy: Ensure everyone in your organisation uses strong, unique passwords, updates them regularly, never reuses or shares them, and keeps them secure using a password manager tool.
  • Keep your software and systems updated: Ensure your browsers, operating systems, and security software are always up-to-date and patched.
  • Use a cyber threat intelligence (CTI) and credential monitoring solution: CTI solutions such as Cybercheck continuously monitor for exposed credentials and personal data, providing early warning to stop attacks before they breach your defences. If cybercriminals are trading information about you or your organisation, we alert you immediately. That means you can stay extra vigilant, take proactive steps like changing passwords or blocking cards, and shut out the attackers before they make you their next victim.
