Passwordstate hackers phish for more victims with updated malware

Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware.

Last week, the company notified its users that attackers successfully compromised the password manager’s update mechanism to deliver info-stealing malware known as Moserpass to a yet undisclosed number of customers between April 20 and April 22.

Click Studios published a second advisory on Sunday, saying that “only customers that performed In-Place Upgrades between the times stated above are believed to be affected and may have had their Passwordstate password records harvested.”

Read more…
Source: Bleeping Computer