Password managers are supposed to protect our logins and other sensitive information in one encrypted database, secured with a master key. They're a much better alternative to using the same password on multiple sites or constantly forgetting your passwords. But now hackers are targeting these password managers.
Ars Technica reports that a new Citadel trojan, identified by IBM Trusteer, is specifically aiming to find the master passwords for password managers like Password Safe or KeePass, both highly regarded password managers. It does this by installing a keylogger that captures the master key and then uses that to take complete control of all of the user's online accounts and computer.
It's not really much of a surprise that cybercriminals would go after password managers, since, by design, they contain the information for all of our online accounts. It is like "putting all of your eggs in one basket."
There are some things you might be able to do to safeguard against this while still using your convenient password manager. Turn on two-factor authentication: LastPass lets you secure your database with a second, physical key, a YubiKey. KeePass has an option to secure your database with a keyfile, which you can store on an external or network drive. 1Password, although it doesn't have 2FA built in, can store its database on Dropbox, which does have two-factor authentication (so essentially, a thief would need to know the Dropbox password, have control of the device or email address used for Dropbox's two-factor authentication, and have the 1Password password in order to get to your database).
Despite the current Citadel attack, which so far is pretty isolated, using a password manager is still better than using the same simple password everywhere, Ars Technica's article concludes. But it's important to remember that these solutions aren't foolproof themselves.