Μια ενημέρωση λογισμικού στον διαχειριστή κωδικών πρόσβασης Passwordstate της Click Studios περιείχε κακόβουλο software.
With an attack that is very reminiscent of hers Solarwinds, a malicious update on the Clickstios Passwordstate password management platform "threw" malware into the company's systems.
So Click Studios warns its customers to change all saved immediately codeof access for their accounts to VPNs, firewalls, switches, local accounts and servers.
The attack was revealed today by investigators from the CSIS Security Group, which also published the indicators of the attack - which they have named Moserpass.
According to CSIS, the infringement σημειώθηκε μεταξύ 20 Απριλίου και 22 Απριλίου, χρησιμοποιώντας μια κακόβουλη ενημέρωση μέσω ενός αρχείου zip με το όνομα Passwordstate_upgrade.zip που περιείχε ένα κακόβουλο dll (το moserware.secretsplitter.dll).
Click Studios reported that the command-and-control of the attack closed on April 22.
Click Studios has approximately 29.000 corporate and government clients worldwide, in aerospace, banking, defense, healthcare, utilities and more.
Read the findings of the CSIS team from here.