Last Updated on 04/01/2022 by Sanskriti
According to research published by AhnLab ASEC, users should avoid using the auto-login option included in many popular web browsers.
On cybercrime forums, the RedLine stealer is commodity spyware that can be acquired for $200.
Hackers are targeting login data files saved on Chromium-based web browsers and SQLite databases containing usernames and passwords with the virus.
It is a severe security problem that affects both enterprises and individual users, according to experts.
RedLine virus, in addition to stealing passwords, offers several other security risks.
Even if a user chooses to save credentials in the browser, the infected machine’s password management system creates a record to suggest that the specific website is banned.
If the attacker is unable to obtain the credentials for this banned account, they will be aware of its existence, allowing them to conduct assaults such as credential stuffing, social engineering, or phishing.
The attackers either use the credentials in future assaults or sell them on dark web marketplaces after obtaining them.
The RedLine virus was recently downloaded and installed utilizing Excel XLL files in a contact form spamming operation.
Furthermore, researchers discovered that the 2easy dark web marketplace is becoming increasingly popular, with RedLine stealer accounting for half of the data traded.
The use of the auto-login option to keep login information in web browsers is dangerous, according to a new RedLine research. As a result, users are advised to utilize a third-party or specialized password manager that stores login information in an encrypted vault and needs a password to access.