Can a virus access my saved passwords?
A friend of mine has had a dating site show up in his web history, probably as a result of a popup ad or browser hijacker. However in his saved passwords list there are 3 accounts created for the dating site all using a random selection of usernames and passwords already saved in the list.
He's adamant he's never visited the site let alone created an account for it, and I believe him. So is it possible for a virus to be able to have done something like this? If so, what purpose would it serve? If not, what do you think happened here?
Additional System Details
- User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36
Could someone else be using the computer, either through the keyboard or remotely through the internet?
I think it is possible for malware to inject logins into Firefox's Saved Passwords, but it seems unlikely unless the malware also is spamming the site or otherwise using those logins.
By the way, to address the question of whether a virus or other external software could access your passwords, I think the answer is yes, software can read those settings files unless you set a Master Password.
More about the Master Password feature: Use a Master Password to protect stored logins and passwords
It's definitely possible that someone is remoting in but If they are he's not aware of it. As far as I know his wife is the only other person who's using it. Thanks for your help, I'll be sure to pass your info onto him.