How did a virus gain access to all of my login information stored in Firefox?
Hello,
Two days ago I discovered that my computer had been infected with a trojan and other malware. The very next day, at 9:00 AM, my email, checking account, amazon account, etc. were accessed by an unknown individual. Assumedly, he gained all of my login information from Firefox, as that is my only browser with my stored information.
I had been under the impression that the saved logins were secure, but obviously that is not the case. Is there anything further that could have been done to protect my login information?
All Replies (4)
Are you using a master password of sufficient strength to protect the passwords in the Password Manager?
Without a master password you only need access to logins.json and key4.db in the profile folder.
If you still have a key3.db file (key file used in older Firefox versions) in the profile folder then you can remove this file.
You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.
- Help -> Troubleshooting Information -> Profile Directory:
Windows: Show Folder; Linux: Open Directory; Mac: Show in Finder - http://kb.mozillazine.org/Profile_folder_-_Firefox
I suggest you change all of your passwords Everywhere. Also check your e-mail data at each site as well.
You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no
Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.
cor-el said
Are you using a master password of sufficient strength to protect the passwords in the Password Manager? Without a master password you only need access to logins.json and key4.db in the profile folder. If you still have a key3.db file (key file used in older Firefox versions) in the profile folder then you can remove this file. You can use the button on the "Help -> Troubleshooting Information" (about:support) page to go to the current Firefox profile folder or use the about:profiles page.
- Help -> Troubleshooting Information -> Profile Directory:
Windows: Show Folder; Linux: Open Directory; Mac: Show in Finder- http://kb.mozillazine.org/Profile_folder_-_Firefox
From what I understood, the master password prevents unauthorized users from accessing your firefox browser. I did some digging and it appears that master password's cipher will enter into active memory and become vulnerable to malware. So, since your passwords are stored on your computer and decrypted on your computer, a virus will be able to retrieve the login information.
Basically, the only way to protect the login information is to store the data offsite in a password protected area, somewhat like Google's method.
I have learned my lesson and will definitely not have login information stored in autofill.