Formbook, the world’s most popular malware

Secfense meta 2a

Formbook the most popular malware in the world

In its latest report, Check Point informs that Formbook is currently the most popular type of malware, i.e. malicious software that threatens computers. It was detected in nearly 4.5 percent. office networks in the world and in 3.2 percent offices in Poland.

Formbook intercepts logins and passwords stored in browsers, can take screenshots, log keystrokes, and download and run other malicious files. How to protect yourself against this threat and avoid financial losses and serious privacy problems not only at work but also in private life?

How to protect yourself from malware?

In 2021 probably most computer users know that one must never click suspicious e-mails. However, there are still some – including public figures – who can be deceived and approached by the so-called phishing emails. That is why all companies and institutions should enforce the so-called strong authentication. To feel really safe, it is not enough today to log into systems and applications using a login and password. These have been in disgrace for a long time – an intruder can intercept them in a simple way, as he does with the help of the Formbook malware that I mentioned before.

Strong Authentication

Strong authentication or multi-factor authentication is nothing more than adding more authentication factors to your login process. In addition to the login and password, an authorization code is required, and the use of a built-in or external device that will cryptographically confirm the user’s identity. Typically, the devices we use on a daily basis have this component on board, thanks to the build-in FIDO2 authentication standard.

FORMBOOK the worlds most popular malware 1
Formbook, the world’s most popular malware

Adoption of strong authentication

Sounds straightforward. So why there are still so few businesses using multi-factor authentication? Or if they use MFA they use it only on a handful of apps? Precisely because it is difficult to introduce this method to companies that have a complex IT infrastructure and have several hundred applications in use. The main barrier to using MFA (multi-factor authentication) is the high cost and the difficulty of integrating with the applications functioning in companies.

The User Access Security Broker that we have created at Secfense effectively breaks both of these barriers. It allows you to quickly and easily add the selected authentication method to any number of applications. Additionally, Secfense broker adds MFA without interfering with the protected application’s code! The password and login may therefore contain the name of the child or a pet, and the owner of the resources will always be sure that only he or she will be able to access the private data, and not a thief using a stolen identity.

The CEO and co-founder, Tomasz Kowalski, has nearly 20 years of experience in the sale of IT technology, he was involved in hundreds of hardware and software implementations in large and medium-sized companies from the finance, telecommunications, industry and military sectors. Read More


We are faced with new challenges every day. We must always be one step ahead of the attackers and know what they are going to do before they do it. We are convinced that the User Access Security Broker will bring security to a new level, both for those working at the office and from home. For us, working with Secfense is an opportunity to exchange experience with developers who put great value on out-of-the-box thinking.

Krzysztof Słotwiński

Business Continuity and Computer Security Officer

BNP Paribas Bank Poland

As part of the pre-implementation analysis, we verified that users utilize a wide range of client platforms: desktop computers, laptops, tablets, smartphones, and traditional mobile phones. Each of these devices differs in technological advancement, features, and level of security. Because of this, and also due to the recommendation of the Polish Financial Supervision Authority (UKNF), we decided to introduce additional protection in the form of multi-factor authentication mechanisms based on FIDO. As a result, users of our applications can log in safely, avoiding common cyber threats such as phishing, account takeover, and theft of their own and their clients’ data.

Marcin Bobruk



We are excited to partner with Secfense to enhance our user access security for our web apps. By integrating their User Access Security Broker, we ensure seamless and secure protection for our applications and systems, delivering superior security and convenience to our customers.

Charm Abeywardana

IT & Infrastructure

Visium Networks

Before investing in Secfense, we had the opportunity to talk to its existing clients. Their reactions were unanimous: wow, it’s so easy to use. We were particularly impressed by the fact that implementing their solution does not require the involvement of IT developers. It gives Secfense a huge advantage over the competition, and at the same time opens the door to potential customers who so far were afraid of changes related to the implementation of multi-factor authentication solutions.

Mateusz Bodio

Managing Director


Even when the network and infrastructure are secured enough, social engineering and passwords can be used to gain control of the system by attackers. Multifactor authentication is the current trend. Secfense addresses this and allows you to build zero trust security and upgrade your current systems to passwordless applications within minutes, solving this problem right away,” said Eduard Kučera, Partner at Presto Ventures and cybersecurity expert – former Director in hugely successful Czech multinational cyber security firm Avast.

Eduard Kučera


Presto Ventures

One of the biggest challenges the world is facing today is securing our identity online. That’s why we were so keen to have Secfense in our portfolio. They make it possible to introduce strong authentication in an automated way. Until now, organizations had to selectively protect applications because the deployment of new technology was very hard, or even impossible. With Secfense, the implementation of multi-factor authentication is no longer a problem, and all organizations can use the highest standards of authentication security.

Stanislav Ivanov

Founding Partner

Tera Ventures

Two-factor authentication is known to be one of the best ways to protect against phishing; however, its implementation has always been difficult. Secfense helped us solve that problem. With their security broker, we were able to introduce various 2FA methods on our web applications at once.

Dariusz Pitala

Head of IT