Reply to post: Re: Fake accounts? You sure?

Mystery database left open turns out to be at heart of a huge Groupon ticket fraud ring

waldo kitty
Boffin

Re: Fake accounts? You sure?

I would love to have a simple way of populating Chrome's password store with fake logins (real login in password manager), as I suspect that some webpage malware has been able to access the password store - given the old passwords that I'm threatened with.

why use malware to access and decrypt some local password storage when one only need to use an "invisible" iframe and embed a ftp link which causes the browser to use the user's configured name and password? that's an old method, though, and it doesn't really work any more with modern browsers... it wasn't quite that easy, either, but it is the gist of the method that i'm conveying without going into too much detail...

remember, there are some very sneak bastards out there in the ethers...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019