When the user enters a file The password somewhere automatically Google Chrome He asks if he wants Save password To save yourself a step the next time you want to log in. However, contrary to popular belief, Doing so is not safe.
company analysis cyber securityAnd the ESETanalyze whether the fact that access credentials are stored is secure and what are the risks of this option so that users know what they can face.
The company noted that the biggest risk this poses is that if an attacker gains access to the computer, they can easily obtain the data. passwordsDecipher and steal it. This type of action has been observed many times by banking trojans whose task is to steal credentials for accessing online banking sites in order to commit fraud later.
How do scammers get passwords?
“We start with trying to log into Facebook with a fake username and password.. When the browser tells us, we click on the Google Chrome option to save our credentials,” according to the analysis of the company that cited the site Infobae.
just by name user name And the The password It is stored in the database Google Chromeyou can browse to the file where the information is saved (this data will be stored in a SQLite3 database usually located at: %LocalAppData%\Google\Chrome\User Data\Default\Login Data).
Later The file is opened with a program that allows viewing of databases. When opening with a DB browser, for example, you can go to the “Logins” option to find the entries containing the login data, including: URL, username, password. The The password Stored is encrypted, however, when you click on this field, the program displays its hexadecimal representation.
At this point, the attacker already owns user nameThe website and the The password It is encrypted, so it remains only to perform the last step: decrypt it.
“It is recommended that you do not use this function, and if you do, do not use it to save passwords for important servicessuch as online banking, social networks, medical portals, or those containing personal information”,