Discus Systems PLC - IT Support Company in Birmingham West midlands
0800 880 3360
Finger pointed at web browsers over password mega-leaks
Posted by Damien Biddulph on Mon 13th Jun 2016


  Business IT Support (4 hour response)
Server Support £166.00 + VAT per month
Workstation Support £20.00 + VAT per month
Cloud Service Support £66.00 + VAT per month
On-site Technican £680.00 + VAT per day

Please call 0800 880 3360 (01675430080) for more information or email u2us@discus.co.uk

Arrange A Callback
Your Name:
E-Mail Address:
Tel Number:
Mobile Number:

Click 'Call Me' to request a callback.

Passwords saved in browsers and fished out by malware could be to blame for hundreds of millions of password leaks

Insecurities in the way major web browsers store passwords and other information, combined with malware on people's PCs, could be behind a string of credentials leaks, security specialists have warned.

Furthermore, the malware may also be able to access personal information used by browsers to pre-populate web forms. Twitter has suspended millions of accounts in response.

This is the view of specialists at security software company Rapid7 following an analysis of recent password leaks.

"While the credentials themselves appear to be real, the details provided by LeakedSource indicate that the usernames and passwords are sourced from end users rather than from Twitter itself," said Tod Beardsley, security research manager at Rapid7.

"Specifically, it appears that the credentials were harvested from individual browsers' password stores.

"It's just too easy for malware to pick up credentials stored in the default browser password stores as these databases usually lack appropriate access controls."

An early analysis points to a specialised form of malware exploiting this browser security weakness.

"It's not clear from the analysis posted so far what the vector was, but it's certainly some flavour of malware - a malicious application targeting browser-based password storage," Beardsley told V3.

"Browser password storage tends to be in a very findable and predictable path, so either the malware accessed the store directly, or it simply scraped passwords from the log-in screens by navigating to Twitter's log-in page.

"Browser password storage favours ease of use over anything, and doesn't prompt the user for an unlock password after the first use, if at all. Firefox does prompt a user per session, while Chrome's password autofill is completely automated once signed into Google.

"Malware installed on a computer has at least the same rights as the affected user, so no password manager is truly bulletproof against a purpose-built password stealer.

"But an external password manager will typically require authentication for every use, and two-factor authentication does go a long way toward mitigation in the event of a password compromise."

Source: v3.co.uk



corner spacer corner

Veeam Specialist Microsoft Small Business Specialists Birmingham Microsoft Gold Certified Partner Birmingham Siemens Solution 1 Reseller Birmingham Sonicwall Specialists Birmingham Business Link Approved Birmingham Fujitsu Primergy Certified Partner Birmingham Facebook Follow us on Twitter ESET NOD32 VMWare
IT Support
IT Services
IT Solutions
Get Support Now
© 2018 Discus Systems plc. All rights reserved. Content Management by Verve Digital