Password managers like 1Password, LastPass, and NordPass are essential tools for managing our increasingly complex digital lives. They offer a convenient and secure way to store, generate, and retrieve login credentials. However, a recent report reveals a disturbing trend: attacks targeting these digital vaults are on the rise.
Cybersecurity firm Picus Security reports a threefold increase in password manager attacks in 2024 compared to the previous year. This alarming statistic highlights the evolving sophistication of cybercriminals and the need for enhanced security measures. Their research, detailed in the firm’s Red Report 2025, analyzed one million malware variants and found that a staggering 25% targeted password managers or other password storage methods, including web browsers.
The Rise of “SneakThief” Attacks
Picus Security’s findings underscore the growing threat to password security. For the first time, stealing credentials from password stores ranks among the report’s top 10 MITRE ATT&CK techniques; MITRE ATT&CK is a widely recognized knowledge base of adversary tactics and techniques. These top 10 techniques accounted for a significant 93% of all malicious activities in 2024.
The report identifies a new multi-stage cyberattack method dubbed “SneakThief.” This sophisticated approach emphasizes stealth, persistence, and automation, enabling hackers to execute over a dozen malicious actions undetected. Picus Security refers to this method as “the perfect heist.”
“SneakThief” attacks employ advanced data extraction techniques such as memory scraping, registry harvesting, and compromising both local and cloud-based password stores. This comprehensive approach aims to grant attackers complete access to a user’s digital kingdom.
Protecting Your Passwords: Multi-Factor Authentication and Unique Passwords
Dr. Suleyman Ozarslan, co-founder and VP of Picus Labs, recommends implementing multi-factor authentication (MFA) as a crucial defense against these evolving threats. MFA adds an extra layer of security, requiring users to provide multiple forms of verification before accessing their accounts.
Furthermore, Ozarslan stresses the importance of unique passwords. Reusing passwords, especially within a password manager, significantly increases vulnerability. A compromised password in one account can easily grant access to others if reused.
AI-Driven Malware Remains a Limited Threat (For Now)
While artificial intelligence is rapidly transforming the cybersecurity landscape, the Red Report indicates no significant increase in AI-driven malware during 2024. However, this doesn’t diminish the threat posed by traditional malware and sophisticated attack methods like “SneakThief.”
Conclusion: Staying Ahead of the Threat
The increasing sophistication and frequency of password manager attacks demand proactive security measures. By implementing multi-factor authentication and using unique, strong passwords, users can significantly bolster their defenses against evolving cyber threats. While password managers remain a valuable tool, users must remain vigilant and adopt best practices to protect their digital assets. Staying informed about emerging threats and adopting recommended security measures is crucial in safeguarding your online presence.
https://www.picussecurity.com/resource/press-release/the-rise-of-perfect-heist-attacks