RedLine Stealer

Threat Alert


Password Protection

Accessing online accounts used to seem so straightforward: remember your username and the name of your favorite pet, and you’re in! As cyber criminals have pressed in, accessing our accounts has gotten more involved. Recommendations now involve using unique passphrases with numbers and symbols, changing them routinely, and enabling multifactor authentication. One great convenience is that many web browsers now offer to store encrypted versions of your credentials.

Stored Credentials

RedLine Stealer has poked holes in the convenience of stored credentials. RedLine Stealer is malware that showed up in 2020. It allows criminals to access accounts as the original user. As long as there is a login saved in the victim’s web browser, the criminals can access and decrypt the credentials for later use. Further, if the user told a browser to “Never save” for a specific site, that information is also available to the criminal. While the hacker cannot simply decrypt credentials for that site, they do then know that the user likely has an account there. That gives them a starting point if they want to take their attack further.

Making a Profit

The most troubling bit is that RedLine Stealer is malware-as-a-service. That means its creators license it out to any cyber criminal willing to pay to use it. As a result, it is being used to steal data beyond usernames and passwords. In fact, RedLine Stealer is responsible for half of all data sold on an up-and-coming dark web marketplace.

What Can You Do?

The main takeaway is that while an extra step may inconvenience you, it can save you in the long run. Extra steps to take include:

  • Enable multifactor authentication wherever possible.
  • Avoid saving usernames and passwords in your web browser. A separate well-reputed password manager is a better option.
  • Click "Do not save" instead of "Never ask" every time your browser prompts you to save credentials for a website.
  • Update and patch your systems. A patch exists for the primary vulnerability exploited by RedLine Stealer. If your web browser has its current security patches applied, you should be protected from this particular malware.
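To act on the second and third steps, it helps to see which sites your own browser profile currently holds entries for. The script below is an added example, not part of the original alert: it assumes a Chromium-style login database (an SQLite file with a `logins` table containing `origin_url` and `blacklisted_by_user` columns), reads only site names and the "never save" flag, and never touches the password column. The sample rows are constructed.

```python
import sqlite3
import sys
from urllib.parse import urlsplit


def open_readonly(path):
    """Open a COPY of the browser's login database read-only.
    The path is supplied by the user; copy the file first, since a
    running browser keeps the original locked."""
    return sqlite3.connect(f"file:{path}?mode=ro", uri=True)


def build_sample_db():
    """Constructed sample data in the assumed schema (not a real profile)."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE logins (origin_url TEXT, username_value TEXT, "
        "password_value BLOB, blacklisted_by_user INTEGER)"
    )
    con.executemany(
        "INSERT INTO logins VALUES (?, ?, ?, ?)",
        [
            ("https://mail.example.com/login", "alice", b"<encrypted>", 0),
            ("https://bank.example.net/", "", b"", 1),  # user chose "Never save"
            ("https://shop.example.org/account", "alice", b"<encrypted>", 0),
            ("https://mail.example.com/reset", "alice2", b"<encrypted>", 0),
        ],
    )
    return con


def audit_logins(con):
    """Return the sites with stored logins and the sites marked 'never save'.
    Both lists reveal where the user has accounts, so both need cleaning up."""
    saved, never_save = set(), set()
    query = "SELECT origin_url, blacklisted_by_user FROM logins"
    for origin, blacklisted in con.execute(query):
        host = urlsplit(origin).hostname or origin
        (never_save if blacklisted else saved).add(host)
    return {"saved": sorted(saved), "never_save": sorted(never_save)}


if __name__ == "__main__":
    con = open_readonly(sys.argv[1]) if len(sys.argv) > 1 else build_sample_db()
    report = audit_logins(con)
    print("Move to a password manager, then delete:", report["saved"])
    print("'Never save' entries to clear:", report["never_save"])
```

Run with no arguments it reports on the constructed sample; pass the path to a copy of your own login database to audit a real profile.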

For More

Get more details on how RedLine Stealer works from Bleeping Computer’s original post. Get an updated perspective at ZDNet's original post.

ABOUT FRONTLINE TECHNOLOGY LLC

Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders. With over 20 years' experience serving organizations of all sizes, Frontline understands the unique needs, budgets, and technology challenges of nonprofits.

Technology is often perceived as complicated and expensive. Many nonprofits struggle to implement the technology solutions and security needed to drive their mission forward. Frontline Technology helps nonprofits overcome their technology challenges so they can stay focused on their mission.

For nonprofits of every type and size:  We Keep IT Simple

 
