Security experts warn of surge in malware targeting credentials stored in password vaults and managers as adversarial focus and tactics shift. ‘Like hitting the jackpot.’
Security watchers warn of a three-fold increase in malware that targets credential stores, such as password managers and browser-stored login data.
The study by Picus Security, which was based on analysis of 1 million real-world malware samples, also found that 93% of all malicious actions mapped to just 10 MITRE ATT&CK techniques.
Password store security trade-offs
Password stores are secure repositories designed to manage and protect sensitive authentication data, including usernames, passwords, encryption keys, and other credentials. Stores come in various forms, tailored to particular use cases and to the operating systems they run on.
The main types of password stores include Keychain (for macOS and iOS), built-in password managers in browsers such as Chrome and Firefox, Windows Credential Manager, and dedicated password managers such as LastPass, 1Password, and Bitwarden. The category also includes cloud secrets management stores, like AWS Secrets Manager and Azure Key Vault, as well as the caches and memory of third-party software.
Password stores aim to enhance security by providing encrypted storage and convenient access to credentials, reducing the risk of password reuse and simplifying the management of multiple complex passwords. Unfortunately, their centralized nature also makes them attractive targets for cybercriminals, who attack them with various strains of malware.