“So far, Ars isn’t aware of reports of such malicious tools circulating in the wild, but it wouldn’t be surprising if they exist and are already being used. Readers are once again advised to use a password manager to store a unique, randomly generated password that’s a minimum of 10 characters long and contains a mix of upper- and lower-case letters, numbers and special characters. Whenever possible, people should also used multi-factor authentication.”
Yup. Some of these may be a pain to setup, but it doesn’t compare to the pain involved if one of your accounts gets hacked. Especially the one for your financial information! And with it now being really easy to start checking to see where else that username/password combo that got hacked could also be used, it’s beyond time to take this advice seriously.