Click Studios developers of Passwordstate enterprise password manager warns users of ongoing phishing attacks by hackers.
The company notified its users of hackers using phishing techniques to spread the updated Moserpass malware. The Moserpass malware is known to steal information, the number of customers affected by the malware between April 20 and April 22 remains undisclosed.
In a second advisory published by the company, users have been advised users who updated during the period mentioned above are believed to be affected and the hackers may have compromised their Passwordstate password records.
All the affected users are being guided by Click Studios, by providing a hotfix to resolve the issue by removing the malware from their systems.
How do hackers further compromise Passwordstate?
In yet another advisory released today by Click Studio, customers shared the emails they received on their social media. The hackers manage to recreate phishing emails to match the company correspondence and push a new Moserpass variant.
The company warned its users not to share information on social media as hackers were constantly monitoring information on their social media accounts. This has resulted in bad actors managing to replicate Click Studios email content.
The Moserpass data theft malware currently used by the bad actors to infect more Passwordstate users has only managed to target a small number of customers.
The company has requested users to remain vigilant and ensure the validity of any email. In case users are not sure if an email is from Click Studios, the company has asked them to send it Technical Support as an attachment, for confirmation.
What All is at Risk?
Since the Moserpass malware is designed to collect and extract information, customers are at risk of losing data stored in Passwordstate’s database. This includes various information such as :
- Computer Name, User Name, Domain Name, Current Process Name, Current Process Id, All running Processes name and ID, All running services name, display name and status, Passwordstate instance’s Proxy Server Address, Username and Password
- Title, UserName, Description, GenericField1, GenericField2, GenericField3, Notes, URL, Password
Customers are advised to reset their passwords
All customers are advised to reset their passwords by Click Studios, especially those who have upgraded their client during the period the breach occurred.
Currently, more than 370000 IT professionals, working in around 29000 companies across the world.
Many of the Click Studios clients come from various industry sectors such as government, defense, aerospace, finance, healthcare, automotive, legal, and media.