Security News > 2023 > January > Bitwarden password vaults targeted in Google ads phishing attack
Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.
Unless you use a local password manager, like KeePass, most password managers are cloud-based, allowing users to access their passwords through websites and mobile apps.
On Tuesday, Bitwarden users began seeing a Google ad titled 'Bitward - Password Manager' in search results for "Bitwarden password manager."
To make matters worse, it's not only Bitwarden being targeted by malicious phishing pages in Google ads.
Security researcher MalwareHunterTeam also recently found Google ads targeting the credentials for the 1Password password manager.
BleepingComputer has not been able to find other ads targeting other password managers, but Google search result advertisements have become a massive cybersecurity problem lately.
News URL
Related news
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Google fixes Android kernel zero-day exploited in targeted attacks (source)
- New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links (source)
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Google to Remove App that Made Google Pixel Devices Vulnerable to Attacks (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- Google fixes ninth Chrome zero-day exploited in attacks this year (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)