If you’ve been following my advice on securing your technology, one of the steps you’ve taken was to use unique, strong passwords for all your critical online accounts. If you have more than 2-3, you might also be using software known as a “password manager” which allows you to store your complex, hard-to-remember passwords in one place, secured by a master password. Examples of these include Lastpass, 1Password, Roboform, and Passpack (the one I use). Security analysts at IBM Trusteer have now identified a new form of malware that specifically targets password managers, turning on a keylogger when it detects the program being launched, with the intent of capturing your master password, and thereby gaining access to everything stored within.
What this means for you:
Though this particular malware isn’t widespread yet, it has the potential to cause devastating harm to compromised individuals, if only because it gives the hacker focused and confirmed access to every account stored in that particular password manager. As is always the case, security is only as strong as the weakest link, and 9 out of 10 times we humans are the weakest link. This form of attack requires a particular type of keylogger and trojan infection, so don’t discontinue use of your password manager unless you have reason to suspect you’ve been compromised. While there are no guarantees, you are much less likely to fall victim to a trojan attack like this if you have legitimate, updated anti-malware running on all your internet-connected devices and keep your operating system updated. Constant vigilance is also required: don’t open strange email attachments, carefully read/avoid pop-ups, and always have an experienced IT professional on speed dial.
Note: if you are still running Microsoft XP in your environment, you are putting your whole organization at risk. I’ve been seeing an increasing number of malware infections on older operating systems as antimalware manufacturers end support for their software. In most cases, these machines are running in forgotten corners of your workplace, but may monitor or control critical components of your infrastructure. The cost to recover a compromised XP machine and remediating the damage it caused typically outstrips the cost to replace it. Don’t put it off until it’s too late.
Image courtesy of Salvatore Vuono at FreeDigitalPhotos.net