Major rise in password-stealing malware detected

(Image credit: Ai825 / Shutterstock)

The number of users targeted by password-stealing malware jumped from 600,000 in the first half of 2018 to over 940,000 during the same period in 2019 according to new research from Kaspersky.

Password Stealing Ware (PSW) is a malicious type of software that is able to collect data directly from a user's web browser using various methods. The information stolen by PSW is often sensitive and includes credentials for online accounts as well as financial information, autofill data and saved card details.

Additionally some families of this type of malware are designed to steal browser cookies, user files from a specific location such as their desktop and even files from messaging services and other apps.

Kaspersky has detected high levels of activity from cybercriminals in Europe and Asia deploying PSW over the past six months and the malware has been utilized to target users in Russia, India, Brazil, Germany and the US.

Password Stealing Ware

Of the password-stealing malware detected by the cybersecurity firm, one of the most widely spread Stealer Trojans was the multifunctional Azorult which was detected on the systems of over 25 percent of all users who encountered Trojan-PSW type malware between the first half of 2018 and the second half of this year.

Security researcher at Kaspersky, Alexander Eremin explained how consumers are leaving themselves vulnerable to password theft online and how they can better protect themselves from this growing threat, saying:

“Modern consumers are increasingly active online and understandably rely on the internet to carry out many tasks in their daily lives. This fills their digital profiles with more and more data and details and makes them a lucrative target for criminals as they could be monetised in numerous ways afterwards. By securely storing passwords and credentials, consumers can use their favourite online services in confidence that their information will not be put at risk. This should be also supported by installation of security solution as one can never be too careful.” 

To ensure user passwords and other credentials remain secure online, Kaspersky recommends not sharing your passwords with anyone, installing updates and product patches promptly and using a password manager to store passwords and other sensitive personal information.

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.