Citadel malware attacking open source password managers
The king of the castle has a new tormentor.
IBM’s Trusteer researchers have discovered a new configuration of the Citadel malware that attacks certain password managers. The configuration activates key logging when certain processes are running on the infected machine. The targeted processes include Password Safe and KeePass, two open-source password managers. The variant also targets the nexus Personal Security Client used to secure financial transactions and other services that require heightened security.
Password managers have become popular in the wake of breaches that have exposed millions of end-user credentials. Users collect all their passwords in a “vault” that is protected by a master password. In addition to added security, users can devise long and complex passwords that are hard to guess and that they don't have to remember since the password manager fills in the password field on the user’s log-on screen.