Passwordstate, the on-premises password management solution being used by over 370,000 security and IT professionals from 29,000 companies worldwide and serving companies from the Fortune 500 rankings, from a wide range of industry sectors, like government, defense, finance, aerospace, retail, automotive, healthcare, legal, and also media, was recently the victim of a supply chain attack.

The supply chain attack took place between April 20 and April 22 and happened through the download of malicious upgrades by the customers.

The malware worked by harvesting the system information meaning that once deployed, the malware called Moserpass was able to collect system information and data, that later got sent to the attacker-controlled servers.

It’s interesting that after uploading the collected data, the malware sleeps for 1 day and restarts the harvesting and uploading process, after this amount of time.

As a precaution the customers were advised to reset all their stored passwords, when the company published a second advisory on Sunday, saying that “only customers that performed In-Place Upgrades between the times stated above are believed to be affected and may have had their Passwordstate password records harvested.”

“To be clear, Click Studios CDN Network was not compromised. The initial compromise pointed the In-Place Upgrade functionality to a CDN network not controlled by Click Studios.”

Source

At this time the number of affected customers is unknown, the company stating that they can make an assessment based on the window of opportunity the malware had, which lasted around 28 hours, the nature of the initial compromise and subsequent exploit, and customers provision of the requested information, all this data pointing towards a very low number of affected clients.

featured photo for heimdal news
2021.04.20 QUICK READ

Code Testing Company Codecov Hit with Supply-Chain Attack

Heimdal Featured Image
2021.03.19 QUICK READ

New Malware Targets iOS Developers in Supply-Chain Attack

How to deal with supply chain cyber security risks
2020.01.21 INTERMEDIATE READ

Supply Chain Cyber Security: What Are the Risks?

Comments
miraluna pilapil collamar on April 28, 2021 at 12:16 am

Verry nice

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP