It is generally considered good practice to use a different password for each account, although most users will admit that this is easier said than done. This has led to an increased use of password managers to automatically remember passwords, and this in turn has apparently caused malware to switch to targeting these password managers.
Research has shown that an existing piece of malware known as Citadel has been reconfigured to seek out and compromise password managers and authentication services. The malware now occasionally serves as a keylogger when one of the more popular open source password managers, like Password Safe or KeePass, is activated. The stolen passwords are then sent to what appears to be a legitimate web server that has also been compromised. Researchers were unable to trace the data after it reached the server, as it appeared to have been removed.
It is unknown if the attack is part of a larger campaign or if it is the work of opportunistic hackers. IBM researchers warn that while password managers are valuable security tools, they are also still liable to be compromised by malware. That being said, a password manager is an invaluable tool and is still better than using the same set of passwords for everything.
[Source: Security Intelligence]