My friend works for an information security firm and yesterday got a text notification that a transaction had been made on his personal PayPal. When he checked his office computer, his mouse cursor was moving automatically and transferring passwords from his LastPass password manager to an application in his web browser.
After getting the situation under control, he said this could be avoided with a dedicated firewall/router appliance... He already uses 2 factor authentication when possible, uses a password manager, and changes his passwords frequently - far more than the average person does to protect their digital identity.
I find this story scary, particularly because of who the victim was. It seems this was a targeted networking attack. How did this happen? How can this be avoided in the future?
[link] [comments] ...