This New Malware Steals Passwords From Popular Browsers

A new threat has appeared on the horizon. Even if the name is not familiar to you, this malware strain is definitely bad news.

Called RedLine, it is an information-stealing malware that specifically targets popular web browsers including Opera, Microsoft’s Edge browser, and Chrome.

Unfortunately, many people have come to rely on their trusty web browser to store and remember their passwords for them. RedLine takes advantage of this and the group behind the code has found a way to crack the browser open and grab the passwords stored within.

Even worse is that RedLine isn’t just isolated to a single gang or group of cybercriminals.  Instead, it is being offered as a commodity on the Dark Web. That means anybody with about $200 USD can buy a copy and start harvesting the credentials of anyone they infect.

While it is true that passwords stored inside web browsers are encrypted, RedLine can programmatically decrypt those passwords if they are logged in as the same user which is very much the case here.  RedLine runs as the user who was infected, which means that all of their passwords are open to the person controlling the malware.

Even though it’s really convenient, the bottom line is that it’s dangerous to have all of your passwords stored inside your web browser.  If you insist on going that route, then your best bet by far is to enable two-factor authentication on every website you visit frequently that offers it. That’s so that at least if your passwords are compromised, the hackers who gain access to the information still can’t easily access your accounts.

Given how RedLine is being marketed on the Dark Web we can expect to see a surge in attacks using the malware in the months ahead.  It’s going to get a lot worse before it starts getting any better.