• RedLine malware shows why passwords shouldn’t be saved in browsers


    #2409394

    Well, so much for password managers in browsers… :

    “The RedLine information-stealing malware targets popular web browsers such as Chrome, Edge, and Opera, demonstrating why storing your passwords in browsers is a bad idea.

    “This malware is a commodity information-stealer that can be purchased for roughly $200 on cyber-crime forums and be deployed without requiring much knowledge or effort.”

    https://www.bleepingcomputer.com/news/security/redline-malware-shows-why-passwords-shouldnt-be-saved-in-browsers/

    Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
    --
    "The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

    4 users thanked author for this post.
    • #2409399

      2FA would solve the issue. Any important sites you use, work, banking, email etc, should have 2FA enabled.

      If your work doesn’t have 2FA, check out duo.com

      cheers, Paul

      1 user thanked author for this post.
    • #2409408

      RedLine is a malware for Windows, not for Macs and, it would seem, also not for Linux.

      Macs, of personal interest to me, have their own malware problems, just not RedLine:

      https://www.forbes.com/sites/dwightsilverman/2021/05/27/apple-says-malware-is-a-problem-on-macs-so-bad-is-it/

      Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

      MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
      Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
      macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

    • #2409449

      It’s never stated in articles BUT … Is there any chance an asterisk can occur (ie) IF all of your Browser Saved Passwords for Auto-Login are JUST Forums (NO financial – Purchase type – company sites) Go Ahead and use them ? Trying to figure WHAT Vladimir’s bad buddies could / would do knowing my AW or Firefox Forum passwords.

      W10 Pro 22H2 / Hm-Stdnt Ofce '16 C2R / Macrium Pd vX / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU = 0

      • #2409496

        Trying to figure WHAT Vladimir’s bad buddies could / would do knowing my AW or Firefox Forum passwords.

        Well, knowing your password for this site would at the very least let someone post as you and violate the terms of site usage with enough personal attacks or foul language that you might be barred from the site. This would be a type of DoS attack on you by denying you use of this site as a formal member, so you’d only be able to post as an anonymous user. You’d have to convince Susan and/or other Managers here that the posts didn’t come from you so that you could get reinstated.

        Same goes for Firefox/Mozilla forum(s).

        And that’s just for starters.

        2 users thanked author for this post.
    • #2409564

      Troy Hunt has recently updated haveibeenpwned so netizens can check whether emails/phone numbers are compromised. If you do find anything relating to RedLine, update your AV and full scan your device to detect and remove any installed malware.

      If the RedLine stealer was found and removed post AV scanning, change your password for all accounts including cryptocurrency wallets, VPN and email accounts along with ANY other personal accounts or info on the infected device (fora etc.).

      Windows - commercial by definition and now function...