elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.

 

 


Tema destacado: Arreglado, de nuevo, el registro del warzone (wargame) de EHN


+  Foro de elhacker.net
|-+  Foros Generales
| |-+  Foro Libre
| | |-+  Noticias (Moderadores: wolfbcn, El_Andaluz)
| | | |-+  New Citadel Trojan Targets Your Password Managers
0 Usuarios y 1 Visitante están viendo este tema.
Páginas: [1] Ir Abajo Respuesta Imprimir
Autor Tema: New Citadel Trojan Targets Your Password Managers  (Leído 1,894 veces)
r32
Ex-Staff
*
Desconectado Desconectado

Mensajes: 1.299



Ver Perfil WWW
New Citadel Trojan Targets Your Password Managers
« en: 23 Noviembre 2014, 02:57 am »



 Unless we are a human supercomputer, remembering password is not an easy task and that too, if you have a different password for every different site. But luckily to make the whole process easy, there is a growing market for password managers which provides an extra layer of protection. Wait! Wait! Seriously??

Security researchers have discovered a new variant of data-stealing Citadel Trojan program used by cybercriminals to slurp up users' master passwords for a number of password management applications and other authentication programs, which will let you think twice before using one.

Citadel Trojan malware program has typically been used to steal online banking credentials and other financial information by masquerading itself as legitimate banking sites when victims open it in their local browser, which is also known as a man-in-the-browser attack.

The malware has previously targeted users’ credentials stored in the password management applications included in popular Web browsers, however, third-party password managers have typically not been targeted by the attackers.

But, researchers at IBM Trusteer noted that the configuration file of the notorious malware had been modified to activate a keylogger when users opened either Password Safe or KeePass, two open-source password managers. Designed to steal the "Master Password" that protects access to the database of the end-user's passwords.

Citar
     "Password management and authentication programs are important solutions that help secure access to applications and Web Services," Dana Tamir, director of enterprise security at Trusteer, wrote on IBM’s Security Intelligence blog.

    "If an adversary is able to steal the master password and gains access to the user/password database of a password management solution or compromise authentication technology, the attacker can gain unfettered access to sensitive systems and information."

 In addition, the new Citadel variant also targets the enterprise authentication solution Nexus Personal Security Client used to secure financial transactions and other services that require heightened security, according to research from data-protection company IBM Trusteer.

Once the malware infected a computer, it waits until one of the configured process is launched. The malware then logs keystrokes to steal the master passwords, allowing cybercriminals complete control over the machine and victims’ every online account protected by that password manager.

The Citadel Trojan has been in existence since 2011 that has already compromised millions of computers around the world. According to the security researchers, Citadel is "highly evasive and can bypass threat detection systems."

    "[The Citadel variant] might be an opportunistic attack, where the attackers are trying to see which type of information they can expose through this configuration, or a more targeted attack in which the attackers know that the target is using these specific solutions," reads the blog.

In June last year, the tech giant Microsoft along with the FBI and financial services companies launched a "takedown" operation against Citadel botnets, which had stolen more than $500 million from bank accounts over the past 18 months. At the time, the group claimed it disrupted more than 90% of Citadel botnets.

Info: http://securityintelligence.com/cybercriminals-use-citadel-compromise-password-management-authentication-solutions/#.VG8L2YuUeT0

Fuente: http://thehackernews.com/2014/11/new-citadel-trojan-targets-your.html


En línea

Minusfour_cierralo_o_baneamefull


Desconectado Desconectado

Mensajes: 571


Ver Perfil
Re: New Citadel Trojan Targets Your Password Managers
« Respuesta #1 en: 23 Noviembre 2014, 04:05 am »

Pues justamente utilizo el Keepass 2 para recordar todas las cuentas de correo, registros, etc. Eso si lo del banco y paypal no suelo ponerlo ahí prefiero memorizarlo aunque no haya mucho que coger  :P


En línea

Páginas: [1] Ir Arriba Respuesta Imprimir 

Ir a:  

Mensajes similares
Asunto Iniciado por Respuestas Vistas Último mensaje
pcliga.com (juego de managers, online)
Juegos y Consolas
chick 3 2,249 Último mensaje 18 Marzo 2004, 17:04 pm
por chick
CODIGO DE CITADEL c\c++ y php
Desarrollo Web
6TUNX4T 0 1,678 Último mensaje 24 Agosto 2013, 15:02 pm
por 6TUNX4T
Trojan:JS/Redirector y js: Trojan-Clicker. como funcionan?
Análisis y Diseño de Malware
dega1980 3 3,236 Último mensaje 13 Abril 2014, 19:34 pm
por .:UND3R:.
DoubleDirect MitM Attack Targets Android, iOS and OS X Users
Noticias
r32 0 1,425 Último mensaje 23 Noviembre 2014, 02:28 am
por r32
WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines