Μια ενημέρωση λογισμικού στον διαχειριστή κωδικών πρόσβασης passwordstate της Click Studios περιείχε malware.
With one attack που θυμίζει πολύ εκείνη της Solarwinds, a malicious update on platform password manager Passwordstate from Click Studios dropped malware on the company's systems.
Έτσι η Click Studios προειδοποιεί τους πελάτες της να αλλάξουν άμεσα όλους τους αποθηκευμένους κωδικούς πρόσβασης για τους λογαριασμούς τους σε VPNs, firewalls, switches, τοπικούς λογαριασμούς και servers.
The attack was revealed today by investigators from the CSIS Security Group, which also published the indicators of the attack - which they have named Moserpass.
According to CSIS, the infringement occurred between April 20 and April 22 using a malicious update via a zip file named Passwordstate_upgrade.zip that contained a malicious DLL (moserware.secretsplitter.dll).
Click Studios reported that the command-and-control of the attack ended on April 22.
Click Studios has approximately 29.000 corporate and government clients worldwide, in aerospace, banking, defense, healthcare, utilities and more.
Read the findings of the CSIS team from here.
