Apparently, the malware seem to start keylogging when the password manager starts running on an affected computer. At the moment, IBM is clueless whether how to detect or to find the target of the attack.
“Because the configuration file instructs the malware to capture keystrokes related to widely used password management and authentication solutions, we can’t know who, exactly, is the target of the attack. It might be an opportunistic attack, where the attackers are trying to see which type of information they can expose through this configuration, or a more targeted attack in which the attackers know that the target is using these specific solutions,” IBM wrote on the report.
Read Also: Ugly Truth About Hacking and Poor Passwords – Infographic
IBM has contacted the vendors of the vulnerable password managers to warn their users to take necessary steps to protect themselves. However, it’s probably best to avoid using a password manager for a while, at least until this issue is resolved.
[Via: BGR / IBM ]
(All images, trademarks shown on this post are the property of their respective owners)
Follow @nrjperera – Roshan Jerad Perera
