Security News > 2021 > April > Passwordstate hackers phish for more victims with updated malware
Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware.
Click Studios published a second advisory on Sunday, saying that "Only customers that performed In-Place Upgrades between the times stated above are believed to be affected and may have had their Passwordstate password records harvested."
Click Studios has been assisting potentially impacted customers over email, providing them with a hotfix designed to help them remove the malware from their systems.
As revealed today in a new advisory, emails received from Click Studios were shared by customers on social media allowing unknown threat actors to create phishing emails matching the company's correspondence and pushing a new Moserpass variant.
The ongoing phishing attack attempting to infect more Passwordstate customers with the Moserpass data theft malware has reportedly only targeted a small number of customers.
Click Studios advised Passwordstate customers who have upgraded their clients during the breach to reset all passwords stored in their database.
News URL
Related news
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- Unpatched Mazda Connect bugs let hackers install persistent malware (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)
- North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn (source)