Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Monday, 24 November 2014 / Published in Woo on Tech

Trojans targeting Password Managers

Password Managers targeted

If you’ve been following my advice on securing your technology, one of the steps you’ve taken was to use unique, strong passwords for all your critical online accounts. If you have more than 2-3, you might also be using software known as a “password manager” which allows you to store your complex, hard-to-remember passwords in one place, secured by a master password. Examples of these include Lastpass, 1Password, Roboform, and Passpack (the one I use). Security analysts at IBM Trusteer have now identified a new form of malware that specifically targets password managers, turning on a keylogger when it detects the program being launched, with the intent of capturing your master password, and thereby gaining access to everything stored within.

What this means for you:

Though this particular malware isn’t widespread yet, it has the potential to cause devastating harm to compromised individuals, if only because it gives the hacker focused and confirmed access to every account stored in that particular password manager. As is always the case, security is only as strong as the weakest link, and 9 out of 10 times we humans are the weakest link. This form of attack requires a particular type of keylogger and trojan infection, so don’t discontinue use of your password manager unless you have reason to suspect you’ve been compromised. While there are no guarantees, you are much less likely to fall victim to a trojan attack like this if you have legitimate, updated anti-malware running on all your internet-connected devices and keep your operating system updated. Constant vigilance is also required: don’t open strange email attachments, carefully read/avoid pop-ups, and always have an experienced IT professional on speed dial. 

Note: if you are still running Microsoft XP in your environment, you are putting your whole organization at risk. I’ve been seeing an increasing number of malware infections on older operating systems as antimalware manufacturers end support for their software. In most cases, these machines are running in forgotten corners of your workplace, but may monitor or control critical components of your infrastructure. The cost to recover a compromised XP machine and remediating the damage it caused typically outstrips the cost to replace it. Don’t put it off until it’s too late.

Image courtesy of Salvatore Vuono at FreeDigitalPhotos.net

  • Tweet
Tagged under: hacker, malware, password, security

What you can read next

Personal vigilance won’t be enough
Adobe Flash
Chrome just hammered a stake through Flash’s heart
Is your server making money for someone else?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Social Media monetizes our need to be social

    Part of our occasional series “The Elepha...
  • Freemail accounts will be hacked

    Most of you know that I do not recommend using ...
  • LastPass Breach is bad news for everyone

    Late in the year, just in time for the holidays...
  • 2023 – Approach with Caution

    Traditionally I like my year-end messages to be...
  • Privacy sign

    Popular tax apps leaked your data to Facebook

    While it shouldn’t come as a surprise to any of...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP