A new threat has appeared on the horizon. Even if the name is not familiar to you, this malware strain is bad news indeed.
Called RedLine, it is an information-stealing malware that specifically targets popular web browsers, including Opera, Microsoft’s Edge browser, and Chrome.
Unfortunately, many people have come to rely on their trusty web browser to store and remember their passwords for them. RedLine takes advantage of this, and the group behind the code has found a way to crack the browser open and grab the passwords stored within.
Even worse, RedLine isn’t limited to a single gang or group of cyber criminals. Instead, it is being offered as a commodity on the Dark Web. That means anybody with about $200 USD can buy a copy and start harvesting the credentials of anyone they infect.
While it is true that passwords stored inside web browsers are encrypted, RedLine can programmatically decrypt those passwords if it is running as the same user, which is very much the case here. RedLine runs as the user who was infected, which means that all of that user’s passwords are open to the person controlling the malware.
Although it is highly convenient, the bottom line is that it’s dangerous to have all of your passwords stored inside your web browser. If you insist on going that route, then your best bet by far is to enable two-factor authentication on every website you visit frequently that offers it. That way, if your passwords are compromised, the hackers who gain access to the information still can’t easily access your accounts.
Given how RedLine is being marketed on the Dark Web, we can expect to see a surge in attacks using the malware in the months ahead. It’s going to get a lot worse before it starts getting any better.