Passwordstate Warns of Ongoing Phishing Attacks Following Data Breach
2021-04-30 00:24

Click Studios, the Australian software firm which confirmed a supply chain attack affecting its Passwordstate password management application, has warned customers of an ongoing phishing attack by an unknown threat actor.

"We have been advised a bad actor has commenced a phishing attack with a small number of customers having received emails requesting urgent action," the company said in an updated advisory released on Wednesday.

While Passwordstate serves about 29,000 customers, the Adelaide-based firm maintained that the total number of impacted customers is very low.

The original attack was carried out via a trojanized Passwordstate update file containing a modified DLL that, in turn, retrieved a second-stage payload from a remote server so as to extract sensitive information from compromised systems. As a countermeasure, Click Studios released a hotfix package named "Moserware.

The newly spotted phishing attack involves crafting seemingly legitimate email messages that "replicate Click Studios email content" - based on the emails that were shared by customers on social media - to push a new variant of the malware.

"The phishing attack is requesting customers to download a modified hotfix Moserware.zip file, from a CDN Network not controlled by Click Studios, that now appears to have been taken down," the company said.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/7GQI-1KUe-E/passwordstate-warns-of-ongoing-phishing.html