RedLine malware stealing saved passwords from browsers

    If you are in the habit of saving passwords in your browser, you had better change it before it's too late: security researchers from AhnLab, a South Korean cybersecurity firm, discovered that a new malware named RedLine was seen lurking in browsers and stealing saved passwords, which are then transmitted to remote servers.

    According to sources, RedLine Stealer was first discovered in May this year, when most office work was going online. An employee from central Europe accidentally downloaded RedLine malware, which later stole some essential passwords required for the management of some corporate systems online.

    The credential-stealing malware then started lurking in the network, planning to be distributed to other networks and to spy on workstation functionality.

    Three months later, RedLine had reportedly evolved into a stealer that mainly targets online users' credit card details, autofill data and cookies, and is more interested in stealing their email account logins and passwords.

    Like many other pieces of malicious software, RedLine Stealer is also showing a lot of interest in stealing currency from cryptocurrency wallets.

    Since November this year, this highly customizable malware has been covertly distributed under the guise of pirated movies, games and MS Office software. Once downloaded, it starts stealing passwords from browsers in the name of a logged-in user. As the activity seems to be recorded in the Login-Database, the browser releases unencrypted information, making way for the malware to fulfill its objective.

    To date, the RedLine botnet has been found targeting Chrome browsers, mostly seen on Android devices. However, its developers have also infiltrated browsers such as Edge, Firefox and Opera in recent weeks.

    Note: Since December 26th, 2021, the Have I Been Pwned website has been notifying users about 441,000 account details stolen through RedLine malware.

    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
