Jinshan Poison PA: Browser Password Thieves aim at web games and enterprise network management

November 18, Jinshan Poison Bully Cloud Security Center to capture a new type of password theft virus, the virus specifically steals the mainstream browser has saved passwords, the browser encrypted password data sent to the hacker-controlled server. In addition, the browser password thieves will also steal toxic computer FTP client records and Remote Desktop management credentials, the enterprise network security poses a serious threat.

Jinshan Poison PA Security experts point out that each browser provides the ability to record a login password to facilitate users to visit the Web site automatically when they log on. Analysis found that the browser password thieves will check the poisoned computer installed browser configuration information, the browser saved the password data stolen and sent to a hacker in the United States to control the server.

Figure 1 The browser provides the ability to record passwords

Most people think that the password information that the browser has encrypted is stored on the computer and it is difficult to decrypt it. But actually not so, as long as hackers get encrypted text, through the internet on the public crack algorithm or tools, can be ordinary netizens use the browser saved password easily decrypted.

Figure 2 Easy to use internet exposed tools to crack browser saved password

Jinshan Poison PA Safety experts said, from the current monitoring data, browser password theft of the number of infected computers is not high, the main mode of transmission is disguised as a game plug-in or game modifier cheat game players to download. Judging from these characteristics, the virus is a major threat to Web game security, web games in the browser password thieves appear fragile.

But the browser password theft virus is not limited to stealing the browser has saved the password, the virus will also steal all the FTP clients used on the computer Save records and RDP files (Windows Remote Desktop login credentials), the same encrypted data sent to the hacker control of the remote server. If these data are stolen, the equivalent of hackers to get the key to the warehouse, the enterprise is facing disastrous consequences.

Browsers are tools that netizens use every day, and almost everyone saves their login password by default when they use the browser. The advent of the browser password theft may put all internet users at risk. Jinshan Poison PA Security experts recommend the use of professional anti-virus software defense browser password theft, reduce the use of games plug or game modifier, regular replacement of important system login password.