fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

RedLine Malware Shows Why Passwords Shouldn’t be Saved in Browsers

RedLine Malware Shows Why Passwords Shouldn’t be Saved in Browsers

The RedLine information-stealing malware targets popular web browsers such as Chrome, Edge, and Opera, demonstrating why storing your passwords in browsers is a bad idea.

This malware is a commodity information-stealer that can be purchased for roughly $200 on cyber-crime forums and be deployed without requiring much knowledge or effort.

However, a new report by AhnLab ASEC warns that the convenience of using the auto-login feature on web browsers is becoming a substantial security problem affecting both organizations and individuals.

In an example presented by the analysts, a remote employee lost VPN account credentials to RedLine Stealer actors who used the information to hack the company’s network three months later.

Also Read: In Case You Didn’t Know, ISO 27001 Requires Penetration Testing

Even though the infected computer had an anti-malware solution installed, it failed to detect and remove RedLine Stealer.

The malware targets the ‘Login Data’ file found on all Chromium-based web browsers and is an SQLite database where usernames and passwords are saved.

Credentials stored in a database file
Credentials stored in a database file
Source: ASEC

Even when users refuse to store their credentials on the browser, the password management system will still add an entry to indicate that the particular website is “blacklisted.”

While the threat actor may not have the passwords for this “blacklisted” account, it does tell them the account exists, allowing them to perform credential stuffing or social engineering/phishing attacks.

Features of the RedLine Stealer
Features of the RedLine Stealer
Source: ASEC

After collecting the stolen credentials, threat actors either use them in further attacks or attempt to monetize them by selling them on dark web marketplaces.

An example of how widely popular RedLine has become for hackers is the rise of the ‘2easy’ dark web marketplace, where half of all the sold data sold was stolen using this malware.

Another recent case of RedLine distribution is a website contact form spamming campaign that uses Excel XLL files that download and install the password-stealing malware.

Also Read: 4 Considerations In The PDPA Singapore Checklist: The Specifics

It’s like RedLine is everywhere right now, and the main reason behind this is its effectiveness in exploiting a widely-available security gap that modern web browsers refuse to address.

What to do instead

Using your web browser to store your login credentials is tempting and convenient, but doing so is risky even without malware infections.

By doing so, a local or remote actor with access to your machine could steal all your passwords in a matter of minutes.

Instead, it would be best to use a dedicated password manager that stores everything in an encrypted vault and requests the master password to unlock it.

Moreover, you should configure specific rules for sensitive websites such as e-banking portals or corporate asset webpages, requiring manual credential input.

Finally, activate multi-factor authentication wherever this is available, as this additional step can save you from account take-over incidents even if your credentials have been compromised.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us