Security News > 2023 > January > Bitwarden password vaults targeted in Google ads phishing attack
Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.
Unless you use a local password manager, like KeePass, most password managers are cloud-based, allowing users to access their passwords through websites and mobile apps.
On Tuesday, Bitwarden users began seeing a Google ad titled 'Bitward - Password Manager' in search results for "Bitwarden password manager."
To make matters worse, it's not only Bitwarden being targeted by malicious phishing pages in Google ads.
Security researcher MalwareHunterTeam also recently found Google ads targeting the credentials for the 1Password password manager.
BleepingComputer has not been able to find other ads targeting other password managers, but Google search result advertisements have become a massive cybersecurity problem lately.
News URL
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- iOS devices face twice the phishing attacks of Android (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Phishers abuse Google OAuth to spoof Google in DKIM replay attack (source)