fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Passwordstate Hackers Phish For More Victims With Updated Malware

Passwordstate Hackers Phish For More Victims With Updated Malware

Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware.

Last week, the company notified its users that attackers successfully compromised the password manager’s update mechanism to deliver info-stealing malware known as Moserpass to a yet undisclosed number of customers between April 20 and April 22.

Click Studios published a second advisory on Sunday, saying that “only customers that performed In-Place Upgrades between the times stated above are believed to be affected and may have had their Passwordstate password records harvested.”

Also Read: 15 Best Tools For Your Windows 10 Privacy Settings Setup

Phishing messages copy Click Studios emails shared on social media

Since then, Click Studios has been assisting potentially impacted customers over email, providing them with a hotfix designed to help them remove the malware from their systems.

However, as revealed today in a new advisory, emails received from Click Studios were shared by customers on social media allowing unknown threat actors to create phishing emails matching the company’s correspondence and pushing a new Moserpass variant.

“It is expected the bad actor is actively monitoring social media for information on the compromise and exploit,” Click Studios said today.

“It is important customers do not post information on Social Media that can be used by the bad actor. This has happened with phishing emails being sent that replicate Click Studios email content.”

The ongoing phishing attack attempting to infect more Passwordstate customers with the Moserpass data theft malware has reportedly only targeted a small number of customers.

The company now asks those receiving suspicious emails “to stay vigilant and ensure the validity of any email” they receive.

” If you are unsure if an email is from us, send it to Technical Support as an attachment, for confirmation,” Click Studios added.

The phishing attack is requesting customers to download a modified hotfix Moserware.zip file,from a CDN Network not controlled by Click Studios, that now appears to have been taken down.Initial analysis indicates this has a newly modified version of the malformed Moserware.SecretSplitter.dll, that on loading then attempts to use an alternate site to obtain the payload file. We are still analysing this payload file. — Click Studios

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

Customers urged to reset all stored passwords

The Moserpass malware is designed to collect and exfiltrate both system information and password data extracted from Passwordstate’s database, including:

  • Computer Name, User Name, Domain Name, Current Process Name, Current Process Id, All running Processes name and ID, All running services name, display name and status, Passwordstate instance’s Proxy Server Address, Username and Password
  • Title, UserName, Description, GenericField1, GenericField2, GenericField3, Notes, URL, Password

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us