Security News > 2023 > January > Bitwarden password vaults targeted in Google ads phishing attack
Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.
Unless you use a local password manager, like KeePass, most password managers are cloud-based, allowing users to access their passwords through websites and mobile apps.
On Tuesday, Bitwarden users began seeing a Google ad titled 'Bitward - Password Manager' in search results for "Bitwarden password manager."
To make matters worse, it's not only Bitwarden being targeted by malicious phishing pages in Google ads.
Security researcher MalwareHunterTeam also recently found Google ads targeting the credentials for the 1Password password manager.
BleepingComputer has not been able to find other ads targeting other password managers, but Google search result advertisements have become a massive cybersecurity problem lately.
News URL
Related news
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)