If you thought hackers gaining access to just one of your online accounts was troublesome, you’ll be terrified to know that the next frontier might put your entire online identity at risk. IBM’s Security Intelligence reports that a new configuration of the Citadel trojan has been designed to start keylogging when specific password managers begin running on an infected user’s computer.
FROM EARLIER: Scary new malware uses a Gmail trick to steal your data
“Because the configuration file instructs the malware to capture keystrokes related to widely used password management and authentication solutions, we can’t know who, exactly, is the target of the attack,” writes IBM.
“It might be an opportunistic attack, where the attackers are trying to see which type of information they can expose through this configuration, or a more targeted attack in which the attackers know that the target is using these specific solutions.”
It’s worth noting that the Citadel trojan has been around for quite some time, compromising millions of computers all around the world. In fact, IBM Trusteer research shows that at any given time, 1 in 500 computers are infected with this malware. It bypasses scans and stays dormant until it is activated by a user action, such as the configuration noted above.
In an age when keeping up with every password for every app, service and device you own is next to impossible, password management tools have become vital. In light of this new information, it’s as good a time as any to remind everyone to err on the side of caution when it comes to accessing your password manager from a new location.