top | item 43962763

(no title)

melicerte | 9 months ago

> Of particular concern, WithSecure Threat Intelligence identified a successful campaign, spanning at least 8 months, where legitimate source code of the popular open-source password manager tool ‘KeePass’ had been modified, and recompiled with trusted certificates.

My understanding is that if you don't pay particularly care to where you get your KeePass from, you can be tricked into downloading and installing a keepass from perfectly valid installer, potentially leaking all your passwords to the attackers.

I don't know if using open source projects with recompiled sources and valid trusted certificate is a common vector of attack but WithSecure reports that it has been installed a number of times across several of their customers.

discuss

No comments yet.