Skip to Content
Security & privacy

Watch out for a big increase in malware that steals your passwords

While paying bills or purchasing products online, having your password saved on the site seems like a great time saver. It’s also a great way to get your password stolen.

A new report finds that the number of people whose passwords have been stolen by malware via browsers has jumped dramatically.

Read on for more information on how the malware attacks. We’ll also show you how you can protect your passwords.

Huge increase in password-stealing malware

New research from Kaspersky Lab finds that attacks from malicious software that aims to steal your passwords, and other sensitive information, are on the rise. In the first half of 2018, fewer than 600,000 people were targeted by password-stealing malware.

Kaspersky found that during the same period this year, the number of attacks rose to more than 940,000. That’s an increase of 60%.

The report also found that the malware targets sensitive data such as credit card numbers and autofill information by taking advantage of vulnerabilities in web-browsers. About 25% of those who contracted password-stealing malware were infected by Azorult.

Azorult is one of the most commonly bought and sold password-stealers in Russian forums, according to Kaspersky. In addition, the report stated that most of the time, this type of malware targets files found on the desktop.

But, why would criminals target desktop files? Desktops are more at risk, according to the report, because that’s where people tend to store the files they use most — including a list of passwords. The malware can be spread through emails containing infected attachments.

The most prized stolen data

Password stealer malware will collect any and all data it can. From browsers it collects:

  • Passwords
  • Autofill data
  • Payment cards
  • Cookies

It can also copy files from your device:

  • All files from a specific directory (such as Desktop)
  • Files with a specific extension
  • Files for specific apps

It forwards system data such as:

  • Operating system version
  • User name
  • IP address

The malware can also steal accounts from various applications, take screenshots, download files from the internet and more.

According to the Kaspersky report, “stolen data can be used to transfer funds to cybercriminal accounts, order goods or services, and, if the desire or opportunity is lacking to do it oneself, it can always be sold on to other cybercrooks.”

Protecting yourself from malware

First and foremost, do not use your browser’s password-saving function. Here are some other important tips to protect your data:

The hunger for browser data is showing no sign of slowing. The current collection of password-stealing malware is being actively supported, updated, and supplemented with new features.

For example, malware can now steal two-factor authentication data from apps that generate one-time access codes. So always remain vigilant and stay up to date on the latest cyberthreats. App background

Check out the free App!

Get tech updates and breaking news on the go with the App, available in the Apple and Google Play app stores.

Get it today