25 November 2014

Alert Priority High

Researchers have discovered that a well-known type of malware has been used to target password management tools.

Password management tools are an inevitable target for criminals because they hold a list of all your usernames and passwords, and many can also store credit card information and other personal details used for online shopping.

With information all stored in one place, it makes password management tools a potential single point of weakness. If it is compromised, so are all the accounts you have stored in it.

According to the researchers, the malware is a new version of Citadel malware. Citadel has previously been shown to have compromised millions of computers worldwide. It is effective at avoiding detection by security software, and has been used to steal banking passwords with great effect.

Because Citadel is already widespread, it is possible that the criminals could remotely reconfigure the malware that is already on people’s systems to target master passwords.

The new version of Citadel has been adapted to target the master password of your password manager. Under certain conditions it seeks to log the keys you type (record the keys when you press them) as you enter your master password.

Staying safe

To stay safe you should ensure your password manager is as secure as possible, and minimise the chances of encountering malware in your online activities.

Use a strong master password. If possible, you should also use ‘two-factor authentication’. The second factor, such as a code sent by SMS, means that a stolen password alone will not grant the criminal access.

You should also install reputable security software and keep it up-to-date.

Other ways you can minimise your chances of encountering malware and of being impacted by attacks such as this include:

Stick to reputable websites, software and services that are more likely to secure your information.

Do not click on links or attachments in emails, messages, posts or other communications unless you are confident about where it will take you or what it contains.

Be suspicious about emails and messages from sources you do not know.

Learn what to look for in messages that could be suspicious.

Minimise the amount of information you disclose online.

More information

Stay Smart Online has more information on protecting yourself here.

The research mentioned here is available on IBM’s blog. This Computerworld article also discusses the issue.

The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.


Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.


This information has been prepared by Enex TestLab for the Department of Communications ('the Department'). It was accurate and up to date at the time of publishing.

This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.

The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.

Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.

Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.


Facebook: www.facebook.com/staysmartonline
Email: staysmartonline [at] communications.gov.au
Web: www.staysmartonline.gov.au
You are receiving this message at the address [Email].
Update your profile preferences
If you no longer wish to receive this information, you can unsubscribe.

© 2013 Australian Government. All rights reserved

Connect with Stay Smart Online