As many of us continue to work from home, we may have gotten into the practice of saving our passwords on our Google Chrome browsers.
While this is an easy and convenient thing to do, which takes the hassle out of remembering login details for every site we use, we might be leaving ourselves open to cyber attacks.
IT researchers are warning us against using the common practice of saving passwords on browsers, like Chrome or Edge, after a recent security breach targeting remote workers in the UK and US.
Here's what you need to know about the hack and how to stay safe from it.
What is the Google Chrome malware targeting work from home employees?
According to security experts AhnLab, hackers targeted an employee working remotely after they used a VPN to access their company’s network.
The device on which the employee was working was infected with a dangerous info-stealing malware called Redline Stealer, which accessed sensitive information like account details, passwords as well as information on the company's VPN.
The hackers then used this information to log in and pry on the private business data three months later.
Redline Stealer is fairly cheap software that managed to get around the antivirus programmes on the computer. The malware, which first appeared in March 2020 costs just over £100 and is quite easy to get a hold of.
Millions of remote workers have been scammed out of money and sensitive data by hackers using malware throughout the pandemic.
How to avoid malware attacks from Google Chrome
The Redline Stealer malware can spread through several sourcesincluding phishing emails, Google ad misuse and even as a photo editing program.
To protect yourself from it, it's recommended that users only make use ofprograms from clean and clear official sources.
Many apps on the Play Store have hidden malware, so users are asked to be careful and perform background scans of the applications or files that they are trying to download.
If in doubt about any of apps or files, it's always best to avoid them.
How Chrome protects your password
Google Chrome can help you identify and change your password if you've been compromised by data breaches.
If you're signed into Chrome, the browser can warn you if the username and password that you use to log in to a website were involved in a data breach. This setting is turned on by default.
You can also use Chrome to check all of your saved credentials, which include usernames and passwords, at the same time. After checking, Chrome will let you know if any of the credentials were exposed in a data breach.
To check the credentials, Chrome will first encrypt your username and password. Then it sends the encrypted credentials to Google for comparison against an encrypted list of known breached data.
If a match is detected, then a warning is displayed urging you to change your password.
Source: Read Full Article