You can now find Cyber Kendra on Google News | Telegram

Hackers Hacked Passwordstate Update Mechanism to send Malware

Malicious updates were distributed between April 20-22 this year.


Unknown attackers compromised the update mechanism of the corporate password manager Passwordstate and used it to install malware on users' systems.

Passwordstate developer Click Studios has already sent out incident notification emails to their customers . According to data on the Click Studios website, its client list includes 29 thousand companies around the world, including government organizations, as well as firms in the defense, financial, aerospace and other sectors.

According to the notification, malicious updates were distributed between April 20-22. As the investigation showed , the cybercriminals compromised the In-Place Upgrade function and used it to send a malicious update, which is a zip archive “Passwordstate_upgrade.zip” containing the malicious DLL “moserware.secretsplitter.dll”. Once installed, the malware, dubbed Moserware, contacted the C&C server to request new commands and additional payloads.

At the moment, it is unclear what additional malicious modules were loaded on the compromised systems and what actions the attackers took, since they shut down their C&C server immediately after detecting a breach.

Click Studios has already released a malware removal hotfix. Experts recommend that Passwordstate users reset all passwords stored in the manager as soon as possible, especially for VPNs, firewalls, switches, servers, and local accounts.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.