Are you using the Google Chrome or Microsoft Edge browser to save your login credentials? Malware named RedLine was reportedly behind a data breach of over 440,000 accounts. Surprisingly, it can even steal your Bitcoin wallets!
Luckily, there is a simple way to check if your password has been compromised.
RedLine Malware Breach
Many people use Google Chrome and Microsoft Edge to save login passwords so they can easily access websites that require an account. With this feature, you don't have to remember your passwords, since they are already saved in the browser.
Despite this benefit, Hindustan Times reported that some IT researchers have warned people, specifically those who are working from home, that passwords saved in Google Chrome or Microsoft Edge could be stolen.
In relation to this, IT researchers have also advised people to avoid using the login password feature in any browser after a recent malware data breach that compromised a company.
Have I Been Pwned, a data breach notification service, currently allows you to see if your email and password were among 441,000 accounts taken in a data-stealing effort involving RedLine malware, per Bleeping Computer.
RedLine malware is the most used data-stealing virus, and it is spread through phishing emails with malicious attachments, YouTube frauds, and warez or crack websites.
Moreover, this malware will attempt to capture cookies, passwords, credit cards, and other information from browsers after it has been installed. It may also download new software or run instructions on the infected machine, as well as steal passwords saved in VPN and FTP clients.
Unfortunately, it can even steal Bitcoin wallets.
In addition, the RedLine malware can access your laptop or computer even if antivirus software is installed on it, per Hindustan Times.
As for its discovery, it appeared in March 2020 on the Russian dark web during the worldwide spread of COVID-19.
The stolen data is compiled into a "logs" bundle and published to a remote site, where the attacker may retrieve it later. Attackers exploit these records to hack additional accounts or sell them for as low as $5 per on dark web criminal markets.
Last weekend, security researcher Bob Diachenko discovered a site with over 6 million RedLine records from August and September 2021. The threat actor most likely used this server to store stolen data, although it was not properly secured.
While the data contained 6 million records, Diachenko told BleepingComputer that many of them used the same email address for several services.
How to Check If You've Been Exposed by RedLine Malware?
For those curious to know whether their login credentials might have been affected by the RedLine malware data breach, Diachenko shared a simple way to check if your data was stolen in the reported attack.
The way is to search for your password on the Have I Been Pwned website.
The website will show you the result "Oh no - pwned!" if the password you are using is included in the data breach.
Pwned Passwords is a collection of hundreds of millions of real-world passwords that have been exposed in data breaches. Because of this exposure, these passwords are not suited for long-term usage, since they're more likely to be used to take over other accounts.
2 Ways to Avoid Data Breach
Since this malware poses a great risk, it is important to note that there are two ways to avoid a data breach.
One is to scan your computer using antivirus software to detect and remove any installed malware. The second is to run a background check on any apps you wish to install on your laptop or computer.