New trojan aims to steal your password manager’s password
Password managers are supposed to protect our logins and other sensitive information in one encrypted database, secured with a master key. They’re a much better alternative to using the same password on multiple sites or constantly forgetting your passwords. But now hackers are targeting these password managers.
Ars Technica reports that a new Citadel trojan, identified by IBM Trusteer, is specifically aiming to find the master passwords for password managers like Password Safe or KeePass–both highly regarded password managers. It does this by installing a keylogger that captures the master key and then uses that to completely control all of the user’s online accounts and computer.