Password managers are one of the most effective ways internet users keep their online lives in order. Many popular services include 1Password, LastPass, and NordPass, which can be used for storing and generating passwords, and recalling login credentials.
However, while you may think your passwords are secure with these platforms, cybercriminals are getting more sophisticated with their methods of hacking password managers and getting access to your digital information.
A recent report by cybersecurity firm Picus Security indicates cyberattacks on password managers were three times more likely to occur in 2024 than in the year prior.
The research, detailed in the firm’s Red Report 2025 also noted that of the one million malware variants studied, 25% of them targeted password managers or some method of other password storage, such as web browsers that allow for saving login credentials.
“For the first time ever, stealing credentials from password stores is in the top 10 techniques listed in the MITRE ATT&CK Framework,” Picus Security said in a press release. “The report reveals that these top 10 techniques accounted for 93% of all malicious actions in 2024.”
The firm uses its MITRE ATT&CK Framework to classify cyberattacks. Picus has determined that hackers have developed a multi-stage method of cyberattack it’s calling “SneakThief,” which entails “increased stealth, persistence, and automation.” Hackers perform over a “dozen malicious actions” to collect data without detection. Picus calls the method “the perfect heist.”
“Threat actors are leveraging sophisticated extraction methods, including memory scraping, registry harvesting, and compromising local and cloud-based password stores, to obtain credentials that give attackers the keys to the kingdom,” Picus Security co-founder and VP of Picus Labs, Dr. Suleyman Ozarslan said in a statement.
Ozarslan recommends that password manager users utilize multi-factor authentication alongside the primary password-storing method. Additionally, he suggests never reusing passwords, particularly if they are being stored in a password manager.
While artificial intelligence is a quickly growing trend in today’s cybersecurity space, Red Report noted no significant increase in cybercriminals using AI-driven malware in 2024.