Security News > 2020 > February > Chrome 80 encryption change blocks AZORult password stealer
Evidence is emerging that a barely noticed change made to Chrome 80, released on 4 February, might have disrupted the hugely successful data and user profile stealing malware AZORult.
Now, according to research by Israeli security company Kela, chatter on crime forums suggests cybercriminals believe that Chrome 80's move to encrypt locally saved passwords and cookies using AES-256 has killed the malware's attempts to steal data for good.
The only way for AZORult to adjust to this change would be to patch the original source code, but this is no longer available.
Which is why the easiest way to dodge the issue of browser password manager weaknesses is not to use them at all, opting instead for a full-blown password manager.
The additional security they offer over browser password stores is more than worth the minimal time spent setting them up.