Monday, May 5, 2025
HomeSecurity NewsWeb Trackers Exploit Browser Password Managers and Steal Login Information From Browser

Web Trackers Exploit Browser Password Managers and Steal Login Information From Browser

Published on

SIEM as a Service

Follow Us on Google News

A known browser vulnerability exploits the default browser Password manager that abused by third-party scripts and exfiltrate the hidden user identities.

An attacker can be successfully gaining the information by tracking script that inserts an invisible login form in the user visiting website that is automatically filled by browser login manager.

This vulnerability flaw is possibly existing with the browser login manager in all the browsers type and its malicious third-party tracking script exfiltrate the sensitive user information.

- Advertisement - Google News

Few days before Researcher identified Critical security flaw from well-known browser password manager leads to escalating the privileges of windows and leaked the saved password from the browser.

Tracking scripts are found in more than 1000 website among top 1 Million websites and gathered user addresses that will be hashed later and send it across to third-party servers.

Since Email addresses are unique, hash the email address information and send it across to network because it is an excellent tracking identifier and  The hash of an email address can be used to connect the pieces of an online profile scattered across different browsers, devices, and mobile apps.

Also Read :    Over 500 Million Users PC’s are Secretly Mining CryptoCurrency in Browser without Users Knowledge

How does this Vulnerability Exploit Browser Password Manager

All the web browsers are built-in login managers by default that helps to save user login details to provide an easy user login experience with a set of rules to follow for which login forms will be auto-filled varies by browser.

User information auto filling function doesn’t need any user interaction for all the browsers to auto-filled the username except Chrome.(Crome autofill the password field until the user clicks or touches anywhere on the page).

In this case, a user fills out a login form on the page and asks the browser to save the login. but third party script not presented on the first login page.

Password Manager

When a user visits another page of the same website where the third part script is running and it injects an invisible login form.

Once it injects the malicious script then users information automatically filled in by the browser’s login manager to the invisible login form which contains the username and password fields.

Password Manager

Similar attacks were reported by many researchers especially steal passwords from login managers through cross-site scripting (XSS) attacks.

According to Researchers, Built-in login managers have a positive effect on web security: they curtail password reuse by making it easy to use complex passwords, and they make phishing attacks are harder to mount. Yet, browser vendors should reconsider allowing stealthy access to auto-filled login forms in the light of our findings.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...

RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals

The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu,...

Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials

The Seqrite Labs APT team has uncovered a sophisticated cyber campaign by the Pakistan-linked...

LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands

The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

FBI Alerts Public to Scammers Posing as IC3 Officials in Fraud Scheme

The Federal Bureau of Investigation (FBI) has issued a warning regarding an emerging scam...

New ‘Waiting Thread Hijacking’ Malware Technique Evades Modern Security Measures

Security researchers have unveiled a new malware process injection technique dubbed "Waiting Thread Hijacking"...

EU’s GDPR Article 7 Poses New Challenges for Businesses To Secure AI-Generated Image Data

As businesses worldwide embrace digital transformation, the European Union’s General Data Protection Regulation (GDPR),...