Most browsers kindly offer to save your data: account credentials, bank card details for online stores, billing address, name, and passport number for travel sites, and so on. It’s convenient and saves having to fill out the same forms all over again or worry about forgotten passwords. However, there is a catch: All of this autofill data can be scooped up by cybercriminals if your computer gets infected by a stealer — a piece of malware that steals information, including from browsers.
Such programs are becoming increasingly popular with online scammers: In the first half of this year alone, Kaspersky’s security products detected more than 940,000 stealer attacks. That is a one-third increase from the same period of 2018.
Strictly speaking, stealers are interested in more than just browsers’ autofill data — they are also looking for cryptocurrency wallets and gaming data, and they steal files from the desktop as well (we hope you don’t store valuable information there, such as password lists).
However, browsers have become a hub of work and play, including shopping, banking and more, and are often a source of far more confidential information than other programs. Let’s take a look at how stealers get their thieving hands-on browser data.
How malware steals data from Chrome
Google Chrome and other browsers based on the Chromium engine (such as Opera and Yandex.Browser) always store user data in the same place, so stealers have no problem finding it. In theory at least, this data is stored in encrypted form. However, if the malware has already penetrated the system, then its actions are done in your name.
Therefore, the malware simply puts in a polite request to the browser’s data encryption tool to decrypt information stored on your computer. With requests seemingly from the user considered safe by default, in response the stealer gets all your passwords and credit card details.
What happens to data stolen by the stealer?
Once the malware has the autofill data in plain text, it sends them back to cybercriminals. From there, either of two scenarios may unfold. The malware’s handlers can use it themselves or, more likely, sell it to other malefactors on the black market, where such products are always highly prized.
Either way, if usernames and passwords were among the stored information, the crooks will likely steal a couple of your accounts and try to finagle money out of your friends. If you saved bank card data in the browser, the losses could be more direct; your money will either be spent or transferred elsewhere
Stolen accounts can be used for many other purposes too, from spamming and promotion of websites or apps, to sending viruses and laundering money stolen from others (and if the police get involved, they may come knocking on your door).
How to protect data from stealers
Do not entrust important information such as bank card details to your browser for safekeeping. Instead, enter them manually each time — it takes longer but is safer. You can also store passwords in a password manager.
Most important: The best way to safeguard data is to prevent malware from getting onto your computer in the first place. To do so, install a reliable security solution that will keep infections at bay. No malware, no problem!
Source: Kaspersky Lab
Sign up our newsletter for update information, insight and promotion.
