Redline malware campaign reveals the risks of saving passwords in browsers – Compareland

Today’s browsers offer an automatic login feature that saves passwords for frequently used online services. While saving passwords in browsers is convenient, it is not a good idea. A new analysis has found an information-stealing malware called Redline that targets web browsers such as Opera, Chrome, and Edge to collect login credentials. According to a report by AhnLab ASEC, the Redline malware campaign targets users who enable the automatic login feature in their browsers. Analysts said that the Redline malware, also known as Redline Stealer, compromised a company’s VPN account by targeting a remote employee’s device that had passwords saved in the browser. The threat actors allegedly used the leaked VPN account to hijack the company’s internal network three months later.

“The target employee used the password management function provided by the web browser to sign in and use the account and password of the VPN site in the web browser. In doing so, the PC became infected with malware targeting account credentials, leaked accounts, and passwords for various sites, which also included the company’s VPN account,” the analysts said.

Redline available on Darknet

Active since 2020, Redline Stealer first appeared on a Russian darknet forum. The malware sells on the dark web for $150-200, allowing criminals to exploit it. In addition to the malware itself, credentials leaked by Redline are sold on the dark web.

The main characteristics of Redline malware include:

  • Collects and steals information saved in browsers, such as login accounts and passwords, cookies, autocomplete data, and credit card information.
  • Collects default system information such as the system IP address and operating system information.
  • Collects hardware information such as the system processor, memory size, and GPU.
  • Collects information about browsers and software installed on the system.
  • Collects information about processes and installed anti-malware programs.
  • Controls the target system through SOAP protocol communication.
  • Uploads and downloads files.
  • Accesses arbitrary URLs and runs files.

Redline exposes 6 million records

Recently, security expert Bob Diachenko revealed that the Redline Stealer malware exposed more than 6 million records online. He revealed that the Redline malware campaign is the main source of stolen confidential information traded on various cybercriminal forums and the dark web.

Compromised credentials pose serious threats to the security of organizations and users. Recently, Have I Been Pwned was reported to have added 441,657 unique email addresses stolen by Redline malware operators. Data breach victims use the Have I Been Pwned platform to check whether their email ID or phone number has been compromised in a security breach. Users who find their email address exposed should update their passwords for all online accounts on the device, including corporate VPNs, email accounts, and other personal accounts.

Firefox

  • Click Menu > Settings.
  • In the Privacy and security section, uncheck the option “Request to save credentials for passwords and websites”.
  • Also uncheck the Autocomplete Usernames and Passwords option.
  • Uncheck Allow Windows Single Sign-On …
  • Near Usernames and Passwords, click the Saved Connections button.
  • Delete any login information you see.
  • If you don’t use Firefox as your default browser, you will find similar settings in other browsers. Look in the Privacy and security section in Settings or Advanced settings.
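
One way to confirm that the steps above took effect on a Firefox profile, as an added example that is not part of the original article: the script reads the profile's prefs.js and user.js and counts entries in logins.json without decrypting anything. The preference names mapped to the three checkboxes and their defaults are assumptions based on current Firefox releases, and the sample profile in demo() is constructed.

```python
import json
import re
import tempfile
from pathlib import Path

# Preferences assumed to back the three checkboxes, with their assumed defaults
# (prefs.js only records values the user changed from the default).
DEFAULTS = {
    "signon.rememberSignons": True,             # offer to save logins
    "signon.autofillForms": True,               # autofill usernames/passwords
    "network.http.windows-sso.enabled": False,  # Windows single sign-on
}
PREF_RE = re.compile(r'^user_pref\("([^"]+)",\s*(true|false)\);', re.M)

def read_prefs(profile):
    """Effective values of the audited prefs; user.js overrides prefs.js."""
    effective = dict(DEFAULTS)
    for name in ("prefs.js", "user.js"):
        path = profile / name
        if path.exists():
            text = path.read_text(encoding="utf-8", errors="replace")
            for key, val in PREF_RE.findall(text):
                if key in effective:
                    effective[key] = (val == "true")
    return effective

def count_saved_logins(profile):
    """Number of stored logins; -1 if the store exists but cannot be parsed."""
    path = profile / "logins.json"
    if not path.exists():
        return 0
    try:
        return len(json.loads(path.read_text(encoding="utf-8")).get("logins", []))
    except (json.JSONDecodeError, AttributeError):
        return -1

def audit_profile(profile):
    findings = [f"{k} is enabled" for k, on in read_prefs(profile).items() if on]
    n = count_saved_logins(profile)
    if n != 0:
        findings.append("logins.json unreadable" if n < 0 else f"{n} saved login(s) remain")
    return findings

def demo():
    # Constructed profile: saving disabled, autofill untouched, one login left behind.
    with tempfile.TemporaryDirectory() as d:
        p = Path(d)
        (p / "prefs.js").write_text('user_pref("signon.rememberSignons", false);\n'
                                    'user_pref("browser.startup.page", 3);\n')
        (p / "logins.json").write_text(json.dumps({"logins": [{"hostname": "https://vpn.example.test"}]}))
        return audit_profile(p)
```

Point audit_profile() at a real profile directory to get the same findings for a managed workstation; an empty list means saving and autofill are off and no stored logins remain.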
