Kaspersky Reports Malware That Can Steal Your Browser’s Autofill Data

There's a new type of malware on the internet: "Stealers." They're aimed at swiping the autofill information stashed in your
Written by
Published on August 14, 2019

There’s a new type of malware on the internet: “Stealers.” They’re aimed at swiping the autofill information stashed in your browser window ⁠— you know, the passwords and usernames that some browsers requests you let them remember the next time you want to log in.

Granted, stealers aren’t brand new. They’re a type of Trojan malware, which has been around since the 90s, when they were aimed at grabbing your AOL password.

Still, Stealers are on the rise. Cybersecurity firm Kaspersky found over 940,000 stealer attacks during the first half of 2019, representing a year-over-year increase of one-third since 2018. Here’s what to know about the malware, and how you can protect your autofill data.

How Stealer Malware Can Take Autofill Data

First, the good news – browser developers don’t make it easy to steal autofill data. They encrypt it so that it’s only accessible from the specific device and account that first entered the data. So how does a stealer get away with it? It needs to be a program running from your device, as this lets it trick the browser into decrypting your autofill data.

The exact details of the process differ depending on which browser we’re talking about.

Google’s Chromium engine, which powers the Google Chrome and Opera browsers among others, stores all the autofill data in a central location, letting a stealer running on a user’s device decrypt it with a simple request aimed at the browser’s data encryption tool.

Firefox creates a randomized profile to hide the data within, forcing a stealer to sort through all the profiles before it can request a data decryption, while Internet Explorer and Edge use a “special storage” process that again only requires a decryption request. Kaspersky has all the details in its recent security blog post.

Why Autofill Data is a Risk

How useful is the data to these bad actors? Well, think about what information you allow your browser to store.

Bank account sign-ins and credit card numbers are examples of data that many people need to regularly enter online, and allowing your browser to autofill that data can be tempting.

And for all the workaholics out there, using your personal computer to sign into sensitive workplace accounts is another big concern.

The data will likely be sold to someone who knows how to use it, either to directly transfer funds from your account or to use your social media accounts to wheedle money from your friends and family.

How to Stay Safe from Stealer Malware

Here are the best practices to keep in mind, including one possible loophole offered by Firefox that might let you stay safe while remaining as lazy as ever.

  • Use a master password with Firefox — Just one major browser, Firefox, offers a loophole that keeps your autofill data safe. Their master password option means you’ll need to set one unique password that you’ll enter every time you want to use the autofill information within your browser. It’s disabled by default, so you’ll need to find it and turn it on: Options > Privacy & Security > Use a master password.
  • Stop using autofill when possible — Look, sometimes the simple answer is the best: Just stop using the autofill function. Or at the least, avoid it when signing into particularly sensitive accounts like your bank or credit card service.
  • Regularly prune your autofill databank — If you must use autofill, at least make sure your browser isn’t storing any more information than you’re using. With any of the major browsers listed above, you’ll be able to access your list of autofill information and delete anything you’re unlikely to use.
  • Boost your security system — You’ll stay safe as long as the stealer can’t access your device in the first place. A trusted and up-to-date cybersecurity service should do the job.
  • Replace autofill with a password manager — If you use a dedicated password keeper, you’ll avoid the issue entirely. You’ll pay a monthly fee, but the peace of mind will likely be worth it. Try visiting our list of the top services in the password manager market for more information.

In the end, the best advice is to take as few shortcuts with your sensitive data as possible. Granted, that’s easier said than done, but don’t mistake convenience for true security.

Find out more about staying safe online

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Tags
Written by:
Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' is out from Abrams Books in July 2023. In the meantime, he's hunting down the latest news on VPNs, POS systems, and the future of tech.
Explore More See all news
  • AT&T Offers All Customers Free Security Bundle After Data Breach

    Up to $1m worth of identity insurance coverage is now...

    James Laird -
  • Use Roku? Check if You’re One of 576,000 New Hacked Accounts

    Last month's Roku breach is just the tip of the iceberg, as...

    James Laird -
  • Apple Warns iPhone Users to be Alert for New Mercenary Spyware

    India is once again among the countries where state actors...

    James Laird -
  • How to Use Google’s New ‘Find My Device’ Android Network

    You can now retain visibility on your lost Android device,...

    Adam Rowe -
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals