Malware Stealing Passwords from File-Sharing SitesTrendLabs’ threat response engineer is warning about the PASSTEAL malware, which is currently spreading on the Internet as key generators for paid applications, popular e-books, and other files people usually download from file-sharing sites.
The threat in question has been described as malware which employs some password recovery instruments in order to steal passwords that its victims store in their browsers.
The company found out that a number of PASSTEAL malware versions use social engineering lures like variants disguised as key generators for paid apps. TrendMicro team identified “WebBrowserPassView” and “PasswordFox” as two of the password recovery instruments within PASSTEAL. In the meantime, security experts warn about the possibility that people who have developed PASSTEAL could also be using other recovery instruments.
Most people use the same password across various websites, which can certainly help them to remember it, but this still increases the risk of data theft. Of course, for better security, Internet users are recommended to use various login credentials for their accounts and create strong and easy-to-remember passwords. The experts also recommend users to use features offered by the browsers that can help protect private information. For instance, Mozilla Firefox has a master password feature which enables encryption in order to prevent password recovery instruments to easily access account data stored in browsers.
People who are recommended to especially watch out for password stealing malware like PASSTEAL are those who share passwords across many Internet accounts, and those who forget that password sharing is a bad idea.