A password manager update infected user systems

Australian software company Click Studios, which is behind the Passwordstate password management application, has notified users to reset passwords.

Click Studios said that hackers compromised the software update mechanism and used it to infect users’ computers with malware.

The attack took place between April 20 and April 22.

The company says the attack only affected users who made in-place upgrades between the two dates and that “manual upgrades are not compromised.” The company has warned users that their passwords may have been stolen.

Click Studios said that the investigation into the incident is ongoing, but that at this moment, the number of affected customers seems to be very small.

Passwordstate is software used to manage passwords in companies, allowing them to, among other things, store passwords securely, integrate software into their applications, and reset passwords across a number of systems. The software is used by many companies and individuals from around the world.

Danish company CSIS Group which investigated the incident says that the malware update was delivered in the form of a ZIP file “Passwordstate_upgrade.zip”, which contained a modified version of the library called “moserware.secretsplitter” .dll “, which established contact with the server from which the second file was downloaded” upgrade_service_upgrade.zip “which is responsible for extracting data from the system.

Click Studios has released a hotfix package to help customers remove a DLL attacker and replace it with a legitimate one. The company recommended that companies reset all passwords associated with external systems (firewalls, VPNs), as well as internal infrastructure (storage systems, local systems) and all passwords stored in Passwordstate.

Foto: Click Studios



Source: Informacija.rs by www.informacija.rs.

*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!