Skip to main content

Citadel malware attacking open source password managers

posted onNovember 21, 2014
by l33tdawg

The king of the castle has a new tormentor.

IBM’s Trusteer researchers have discovered a new configuration of the Citadel malware that attacks certain password managers. The configuration activates key logging when certain processes are running on the infected machine. The targeted processes include Password Safe and KeePass, two open-source password managers. The variant also targets the nexus Personal Security Client used to secure financial transactions and other services that require heightened security.

Password managers have become popular in the wake of breaches that have exposed millions of end-user credentials. Users collect all their passwords in a “vault” that is protected by a master password. In addition to added security, users can devise long and complex passwords that are hard to guess and that they don't have to remember since the password manager fills in the password field on the user’s log-on screen.

Source

Tags

Security Viruses & Malware

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th