Fake malware apps cause some password managers to surrender logins

40% password managers failed to keep the passwords secure

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A large number of toppassword managersmay be vulnerable to cyberattack by fake applications, new reports have warned.

Researchers at the University of York found that two out of five password managers gave out customer details when presented with a fake maliciousGoogleapp.

While the researchers did not delve into specific details, most of the tested password manager applications had weak criteria of identifying rogue apps, which resulted in this vulnerability being so damaging.

Inadequate security

Inadequate security

The researchers added that if hackers are somehow successful in getting victims to install such fake applications, there is a chance they could get easily access to the passwords.

Since many password manager apps do not impose a login limit using a pin or other login, these apps can often be hacked into with the help of a brute force password attack in just over a couple of hours.

Senior author of the study, Dr Siamak Shahandashti from the Department of Computer Science at the University of York, noted that “Because they are gatekeepers to a lot of sensitive information, rigorous security analysis of password managers is crucial. Our study shows that a phishing attack from a malicious app is highly feasible – if a victim is tricked into installing a malicious app it will be able to present itself as a legitimate option on the autofill prompt and have a high chance of success.”

He also suggested that these commercial password managing apps should deploy additional screening measures before sharing password details with other apps and also use better security mechanism to limit login attempts.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

While password managers are entrusted to securely remember unique and complex passwords, it becomes imperative for the companies behind these apps to ensure that their applications are safe and are not prone to hack easily.

Via:IT Pro

Jitendra has been working in the Internet Industry for the last 7 years now and has written about a wide range of topics including gadgets, smartphones, reviews, games, software, apps, deep tech, AI, and consumer electronics.

This dangerous new malware is hitting Windows devices by hiding in games

Windows PCs targeted by new malware hitting a vulnerable driver

Steps to take when your phone number is publicly listed online