Security News > 2021 > April > Passwordstate hackers phish for more victims with updated malware
Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware.
Click Studios published a second advisory on Sunday, saying that "Only customers that performed In-Place Upgrades between the times stated above are believed to be affected and may have had their Passwordstate password records harvested."
Click Studios has been assisting potentially impacted customers over email, providing them with a hotfix designed to help them remove the malware from their systems.
As revealed today in a new advisory, emails received from Click Studios were shared by customers on social media allowing unknown threat actors to create phishing emails matching the company's correspondence and pushing a new Moserpass variant.
The ongoing phishing attack attempting to infect more Passwordstate customers with the Moserpass data theft malware has reportedly only targeted a small number of customers.
Click Studios advised Passwordstate customers who have upgraded their clients during the breach to reset all passwords stored in their database.
News URL
Related news
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign (source)
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures (source)
- Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware (source)
- Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware (source)
- Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique (source)
- Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware (source)