Anonymous company was recently raped after employee stored their company account the password in their Web browser, suggests a new report.
According to to research from the security company AhnLab, the employee was work from home on a device shared with other household members, which was already infected with Redline Stealer, an information theft malware.
Although the computer is equipped with anti-virus software, the malware was able to evade detection, before stealing the passwords stored in the victim’s browser.
Snafu password
In an effort to protect its corporate network from remote workers with infected devices, the company in question has provided employees with a VPN, so that they can access their working files securely.
However, this particular employee stored the connection information for the VPN in his browser, which was then infiltrated by malware. Three months later, the company was raped using these credentials.
Since the Redline Stealer malware is sold online (for around $ 150 – $ 200), it is very difficult to say who is behind this specific attack.
AhnLab cybersecurity experts have warned users to refrain from storing passwords in the browser, despite the convenience. A password manager is a much better option, they say, especially when paired with a security key or some other form of multi-factor authentication.
[ad_2]
Source Link
Related posts:
Hit the hardwood in the new Apple Ultimate Rivals: The Court arcade game
Twitter rolls out automated captions for voice tweets one year after launch
RIP Galaxy Note 21? Samsung Galaxy Z Fold 3 to launch in August, hints at invitation to Unpacked
Alibaba pressured by China to design its own chips to promote self-reliance, fueling global unrest