The famous browsing platform, Google Chrome, could be the reason behind the recent rise observed in cyber attacks.
Whenever a Chrome user logs in to any site or social media platform, they receive an opportunity to save their login information so that next time they can save the process of entering the credentials again. However, the cybersecurity company, ESET, believes that while this feature can save users time, it cannot save their passwords and credentials from bad actors.
The insight shared by the Slovak-based company ESET talks about how secure the passwords are, whether users should trust a password manager feature like this and what could happen if things go wrong.
The greatest setback a user will go through if a cyber criminal gets inside the system is that they will have free-hand access to the person's browsing information as well as all the data installed and saved on the device. Not only this, but even the passwords saved on Google Chrome will be in attackers' hands. This is not the first time that an attack like this has taken place. For quite a long time, cyber criminals have been making their way through the files where users would save all their passwords and other valuable information, such as banking details.
The saved login data file is present in the database folder in local storage. The 'DB Browser for SQLite' is then used to extract all the data stored in the file. This data includes the links, username, and passcode.
Though the saved data is in encrypted form, the hacker has the advantage of having control of the victim’s device. With this, the password is decoded through CryptUnprotectData.
While a hacker performs these functions manually, on the other hand, a malware programmed specially for this can decrypt information instantly. Not only malware, but even some online links can have hidden bugs that can welcome such malware that can take over any system.
This is why the best way to prevent anything like this from happening is by not saving important passwords linked to banks, medical records, or any important social media platform.
Read next: Survey Shows Users Have No Clue About Their WiFi Router Security
Whenever a Chrome user logs in to any site or social media platform, they receive an opportunity to save their login information so that next time they can save the process of entering the credentials again. However, the cybersecurity company, ESET, believes that while this feature can save users time, it cannot save their passwords and credentials from bad actors.
The insight shared by the Slovak-based company ESET talks about how secure the passwords are, whether users should trust a password manager feature like this and what could happen if things go wrong.
The greatest setback a user will go through if a cyber criminal gets inside the system is that they will have free-hand access to the person's browsing information as well as all the data installed and saved on the device. Not only this, but even the passwords saved on Google Chrome will be in attackers' hands. This is not the first time that an attack like this has taken place. For quite a long time, cyber criminals have been making their way through the files where users would save all their passwords and other valuable information, such as banking details.
The saved login data file is present in the database folder in local storage. The 'DB Browser for SQLite' is then used to extract all the data stored in the file. This data includes the links, username, and passcode.
Though the saved data is in encrypted form, the hacker has the advantage of having control of the victim’s device. With this, the password is decoded through CryptUnprotectData.
While a hacker performs these functions manually, on the other hand, a malware programmed specially for this can decrypt information instantly. Not only malware, but even some online links can have hidden bugs that can welcome such malware that can take over any system.
This is why the best way to prevent anything like this from happening is by not saving important passwords linked to banks, medical records, or any important social media platform.
Read next: Survey Shows Users Have No Clue About Their WiFi Router Security