BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

New Password-Stealing Malware Spreads Rapidly Thanks To Rock-Bottom Pricing

Following
This article is more than 6 years old.

There's a nasty new piece of malware making the rounds that wants to steal your precious passwords. It's not the most sophisticated software around, but it gets the job done... and it's being sold for a ridiculously low price.

For just $13 (or even as little as $7), cybercriminals can get their hands on Ovidiy Stealer from a Russian-language website. While they don't get a tool that's capable of ripping through vulnerable computers the way WannaCry did, they do get an effective password-stealing tool that can snatch credentials from web browsers like Google Chrome and Opera.

The other top browsers -- Firefox, Internet Explorer, Safari -- aren't even supported. Chrome's userbase -- which surpassed the 2 billion mark last year -- provides plenty of potential targets.

According to security researchers at Proofpoint, crooks are distributing the malware as email attachments or disguising it as cheating tools for popular games and cryptocurrency mining tools. They also get access to a web-based dashboard where they can keep tabs on their campaigns.

As they infect victims they see new information appear on their dashboard. They can check out log files from each infected machine, sift through stolen credentials, and even request tech support from Ovidiy Stealer's creator, a hacker who goes by TheBottle.

Proofpoint believes that this malware has "the potential to become a much more widespread threat." In a competitive malware marketplace (yep, that's a thing), the dirt-cheap Ovidiy Stealer could be on the brink of becoming an epidemic.

How do you protect yourself? A good first step is enabling two-factor authentication on all the accounts you can. Second, start using a good password management app that generates strong passwords -- and helps you quickly reset them in the event that your computer becomes infected.