Think Twice Before You Click to Save Credentials in a Web Browser

Share and earn Cybytes
Facebook Twitter LinkedIn Email

It’s increasingly common: attackers target credentials stored within web browsers. Such attacks could happen on any of the well-known browsers that dominate the market today including Chrome, Firefox and Internet Explorer. The motivation and method behind the attacks vary, but the message is clear – browsers are a soft target on today’s hacker’s short list.

Why is this so?

Every browser offers a means to save credentials for online/web accessible systems. In fact, the option is frequently displayed as a pop-up box that highlights “save” as the default.

This simple, time-saving step encourages adoption of the feature. Users, after all, like the convenience of not having to enter credentials every time they visit their favorite website or frequently used system. The information stored in the browser is publicly available to programs that the user runs. But despite the convenience, there is a major downside: credentials saved in a browser are a natural target for phishing attacks and provide easy access to the targeted user’s systems.

As seen in the Vegas Stealer malware, there can be a hefty price to pay when users opt to press that “save credential” checkbox. Victims of this type of attack can unintentionally expose sensitive, browser-accessible IP. The malware is in use across multiple industries and particularly prevalent in marketing, advertising, public relations, retail and manufacturing. This is likely because these targets tend to have higher-than-average usage of 3rd party and SaaS solutions in operation.

Another credential stealing malware is the one targeting crypto-chat app Telegram. Once downloaded, the malware extracts browser credential data that allows restoring cache and maps files into an existing Telegram desktop installation. If the session was open, the attacker has the chance to access the victim’s session, contacts and previous chats without their knowledge.

Want to learn how to mitigate this risk without impacting your end-user systems?

Join us for a CyberArk On the Front Lines webcast titled “Protecting the Privileged Pathway: Learn how from demos of five attack scenarios that exploit privilege,” on June 5, 2018. There are two sessions that you can join: 9 a.m. and 2 p.m. ET.

During these sessions, our endpoint privileged access security experts will explain the finer points of how attackers use targeted phishing attacks to steal credentials with Mimikatz. They will also demonstrate several escalations, including browser credential harvesting. Attendees will gain best practices for mitigating risk using CyberArk Endpoint Privilege Manager. For those interested in learning how current, real-world attacks take place, along with ways to prevent them, this webcast is for you.

To learn more about how to mitigate attacks on endpoints across your enterprise, download our CyberArk Endpoint Privilege Manager datasheet.

Register today, and we’ll see you On the Front Lines!

The post Think Twice Before You Click to Save Credentials in a Web Browser appeared first on CyberArk.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About CyberArk
CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against cyber threats before attacks can escalate and do irreparable business damage. CyberArk is trusted by the world’s leading companies – including more than 40 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications, while ensuring tight regulatory compliance and audit requirements.
Promoted Content
Advanced cyber attacks involve compromised privileged accounts. Cyber attackers target them because they represent the keys to the IT kingdom. Effective enterprise security includes proactively protecting privileged accounts. Industry experts have identified practices that increase an organization’s vulnerability to a cyber attack. How many of these are common at your organization?

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?