Click Studios, the software company behind Passwordstate, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware. Last week, the company notified its users that attackers successfully compromised the password manager’s update mechanism to deliver info-stealing malware to a yet undisclosed number of customers. Click Studios has been assisting potentially impacted customers over email, providing them with a hotfix designed to help them remove the malware from their systems. However, emails received from Click Studios were shared by customers on social media allowing unknown threat actors to create phishing emails matching the company’s correspondence.
Source: https://www.bleepingcomputer.com/news/security/passwordstate-hackers-phish-for-more-victims-with-updated-malware/