Security News > 2023 > January > Bitwarden password vaults targeted in Google ads phishing attack
Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.
Unless you use a local password manager, like KeePass, most password managers are cloud-based, allowing users to access their passwords through websites and mobile apps.
On Tuesday, Bitwarden users began seeing a Google ad titled 'Bitward - Password Manager' in search results for "Bitwarden password manager."
To make matters worse, it's not only Bitwarden being targeted by malicious phishing pages in Google ads.
Security researcher MalwareHunterTeam also recently found Google ads targeting the credentials for the 1Password password manager.
BleepingComputer has not been able to find other ads targeting other password managers, but Google search result advertisements have become a massive cybersecurity problem lately.
News URL
Related news
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Google takes action after coder reports 'most sophisticated attack I've ever seen' (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- Google to Iran: Yes, we see you using Gemini for phishing and scripting. We're onto you (source)
- Google says hackers abuse Gemini AI to empower their attacks (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)