Moving password database after malware infection?

Deleting and then rolling back my system to make sure I don’t have anything, after downloading some sketchy software.

Only problem, I have a bunch of passwords I cannot lose, and they’re not exactly human readable. I’ll need a few of them to stay around till I reset all of the passwords. I just have some sensitive data on my computer I definitely want to make sure no one is watching.

Might lose a couple VMs, as well. But, I can just remake those.

Is there any means of transferring the password database safely?

Um, what are you using to manage your passwords?

I didn’t read a third party application, so is it just a Windows/Mac/OS keychain?

Or through a particular browser?

One of the local encrypted password stores, like Bitwarden. I just don’t know if the code I downloaded downloaded something tiny to run, on top of the actual sketchy software, or if it embedded itself into anything. Using Linux, and I don’t think I gave anything root permission. There is a Russian coder involved with the project, and I have no idea if there was some type of privilege escalation exploit only he knows about.

Pretty sure, this was a phishing attempt. But, I don’t know if the sophistication goes beyond that.

Quick question you ask yourself (you don’t have to reply here) - do you own or manage cryptocurrency? Those are pretty much the target these days.

See if firmwares changed recently. Do you own IoTs? Can they update themselves? If so, you should probably nuke everything.

No IoTs. Think what I was freaking out over turned out to just be an Oh My Zsh prompt from installing Ruby.

Think the computer might be clean.

Have you backed up your passphrases yet?

All drives die, sooner or later, so backup before you crack up…
