Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Forum Discussion
How should we protect 1Password from the Meduza Stealer?
The following link is to an article listing 1Password as a target for the Meduza Stealer.
https://www.techrepublic.com/article/meduza-stealer-targets-browser-variants-crypto-wallets-password-manag...
GreyM1P
1Password Team
1Password TeamHi there @phawtrey
Some version of this has been mentioned before (and most likely by me), but it's worth repeating here: If there's malware on your system, all bets are off. That is to say, 1Password can't be any more secure than the system it runs on if malware undermines that security.
The best defence against anything like Meduza, by and large, is vigilance. By avoiding infection in the first place, we don't have to worry about remediation, just like with human healthcare.
Technical solutions to malware are all well and good (and are definitely useful!), but humans remain the weak leak in the chain, and might still for some reason decide to override a warning issued by their system that what they're doing is unsafe. People, ultimately, are the ones who make mistakes.
If we (users) exercise the typical caution while browsing the web, we're unlikely to download, install, and run anything harmful. There are things that help with this, like your browser's built-in safe browsing system, which might well stop you before you even get to a dangerous website. Some browsers like Chrome also offer enhanced safe browsing which takes things a step further.
Even if that fails, your computer's built-in anti-malware system, like Microsoft Defender, will probably catch it and stop it (as long as its definitions have been allowed to update regularly). If you have additional protection from something else like an anti-virus suite, then that might well catch it if Microsoft Defender didn't, for example.
Similarly, if you received something like this in an email, your email provider would most likely be checking attachments for malware, and would screen any links in emails to let you know if they're unsafe or not.
That Tech Republic article mentions:
It’s highly suspected that Meduza Stealer is spread via the usual methods used for information stealers, such as compromised websites spreading the malware and phishing emails.
"Highly suspected" doesn't mean "known", so we have to be cautious about our assumptions here, but if that's true, then the points above about being vigilant and having the standard security posture in place will likely apply.
Hope that helps, but let me know if you have any questions. :)
— Grey
