That's kinda the same "attack" as extracting stored passwords of >your favorite browser< with a binary with userspace-rights. It is already a problem if a binary has your rights and it needs to be addressed how it get thus far, no matter what it does in your rights context.
A comparable issue: Feynman noticed unlocked safes were vulnerable to get their code stolen.<p>It seems this principle holds for a lot of things: Try to keep secure storage locked if not in use.<p>From the top if my head: Our web password vault is 1 xss bug away from being cloned if open. Same for my bank website. Full disk encryption does not help against files like pgpass being read by malware if I am logged in Passwords not in memory can't end up in a core dump. Browser stored passwords also seem vulnerable. Etc....