MalwareHunterTeam spotted Google advertising targeting 1Password passwords. Worse, Google advertising is targeting Bitwarden and other phishing sites. “People are saying to look at the URL, maybe it’s just my tiny brain, but I can’t tell which is the actual one,” said another person on the same Reddit post. How can I spot a fake? Scary, “said the phishing page Reddit thread poster. Some thought the URL was a dead giveaway and that it was a phishing page, but others couldn’t tell. Thus, we could not determine if the phishing website would take MFA-backed session cookies (authentication tokens) like many advanced phishing pages. The page was offline when we started testing with real Bitwarden test login credentials.
The phishing page accepted credentials and redirected users to Bitwarden in our tests. Reddit and Bitwarden forum users saw this ad. Google Phishing Used To Target Bitwarden Usersīitwarden customers started seeing Google ads for “bitwarden password manager” on Tuesday. Threat actors have been seen generating phishing pages that target your password vault’s login credentials, maybe authentication cookies since once they acquire these, they can access your vault. LastPass’s security breaches and Norton’s credential stuffing attacks show that a password vault’s master password is weak.
“Password vaults” on the cloud encrypt these passwords with users’ master passwords. Unless you use KeePass, most password managers are cloud-based, allowing users to access their credentials via websites and mobile apps. As enterprises and consumers use unique passwords at every site, password managers must keep track of them. Google Adwords phishing campaigns steal Bitwarden and other password managers’ vault passwords.
0 kommentar(er)
