Security News > 2021 > April > Passwordstate hackers phish for more victims with updated malware
Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware.
Click Studios published a second advisory on Sunday, saying that "Only customers that performed In-Place Upgrades between the times stated above are believed to be affected and may have had their Passwordstate password records harvested."
Click Studios has been assisting potentially impacted customers over email, providing them with a hotfix designed to help them remove the malware from their systems.
As revealed today in a new advisory, emails received from Click Studios were shared by customers on social media allowing unknown threat actors to create phishing emails matching the company's correspondence and pushing a new Moserpass variant.
The ongoing phishing attack attempting to infect more Passwordstate customers with the Moserpass data theft malware has reportedly only targeted a small number of customers.
Click Studios advised Passwordstate customers who have upgraded their clients during the breach to reset all passwords stored in their database.
News URL
Related news
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)