Dvorak: A Browser Credential Dumping Malware

José Areia; José Areia; Bruno Santos; Bruno Santos; Mário Antunes; Mário Antunes

doi:10.5220/0012731300003767

Dvorak: A Browser Credential Dumping Malware

José Areia, José Areia, Bruno Santos, Bruno Santos, Mário Antunes, Mário Antunes

2024

Abstract

Memorising passwords poses a significant challenge for individuals, leading to the increasing adoption of password managers, particularly browser password managers. Despite their benefits to users’ daily routines, the use of these tools introduces new vulnerabilities to web and network security. This paper aims to investigate these vulnerabilities and analyse the security mechanisms of browser-based password managers integrated into Google Chrome, Microsoft Edge, Opera GX, Mozilla Firefox, and Brave. Through malware development and deployment, Dvorak is capable of extracting essential files from the browser’s password manager for subsequent decryption. To assess Dvorak functionalities we conducted a controlled security analysis across all aforementioned browsers. Our findings reveal that the designed malware successfully retrieves all stored passwords from the tested browsers when no master password is used. However, the results differ depending on whether a master password is used. A comparison between browsers is made, based on the results of the malware. The paper ends with recommendations for potential strategies to mitigate these security concerns.

Download

Paper Citation

in Harvard Style

Areia J., Santos B. and Antunes M. (2024). Dvorak: A Browser Credential Dumping Malware. In Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-709-2, SciTePress, pages 434-441. DOI: 10.5220/0012731300003767

in Bibtex Style

@conference{secrypt24,
author={José Areia and Bruno Santos and Mário Antunes},
title={Dvorak: A Browser Credential Dumping Malware},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2024},
pages={434-441},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012731300003767},
isbn={978-989-758-709-2},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Dvorak: A Browser Credential Dumping Malware
SN - 978-989-758-709-2
AU - Areia J.
AU - Santos B.
AU - Antunes M.
PY - 2024
SP - 434
EP - 441
DO - 10.5220/0012731300003767
PB - SciTePress