Citadel malware attacking open source password managers

IBM’s Trusteer researchers have discovered a new configuration of the Citadel malware that attacks certain password managers. The configuration activates key logging when certain processes are running on the infected machine. The malware is designed to steal the "master password" that protects access to the database of the end-user's passwords.

Shadow hand on keyboard credit-cnet-v1-610x344
Credit: CNET

The targeted processes include Password Safe (PWsafe.exe), which was designed by security expert Bruce Schneier, and KeePass (KeePass.exe). Both are open-source password managers. The variant also targets the nexus Personal Security Client used to secure financial transactions and other services that require heightened security.