Trojan targeting Password Manager
A password manager holds several passwords which can be accessed using one master key. Using such a program relieves the users from having to remember many passwords. On the other hand, these passwords are accessible using a single master key. A trojan named Citadel has been found to specifically target Password Managers such as Password Safe and KeePass. Research by IBM found that on average 1 in 500 machines is infected with this trojan. The Citaldel Trojan is based on the open source Zeus Trojan. Should you be worried?
The Citadel trojan has these capabilities:
- Modify web browser processes and monitor access to websites of interest.
- Steal data entered into HTML forms, such as online banking account credentials.
- Modify the HTML of targeted websites within the victim’s web browser.
- Redirect URLs to ones controlled by the malicious actor.
- Upload the HTML code of a targeted URL.
- Steal HTTP cookies and Flash cookies.
- Instrument additional processes to attempt to steal additional account credentials (e.g., FTP and
POP3) from network communications. - Download and execute additional programs.
- Provide a built-in Virtual Network Console (VNC) server with the ability to connect out to a
remote server.
Summarized: it can directly access the machine, execute packet sniffing and steal your credentials. The Citadel trojan targets Windows machines and users from other platforms might be safe from infection.
About The Author
Hi, this is a comment.
To delete a comment, just log in and view the post's comments. There you will have the option to edit or delete them.