- Nov 10, 2017
- 3,135
- 1
- 22,994
- 4,269
Bitwarden password vaults targeted in Google ads phishing attack
Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.
Bitwarden password vaults targeted in Google ads phishing attack
- Thread starter CyberTech
- Start date
Yes, it's BW's turn now. Will increasing BW's KDF to 600 000 and longer length passwords help in preventing?
Last edited:
as long as it's in the "targeted" stage, it's fine i'd say
not everything "targeted" suffered breaches
not everything "targeted" suffered breaches
I do not believe that.Yes, it's BW's turn now. Will increasing BW's KDF to 600 000 and longer length passwords help in preventing?
It is indicated through a fake website in my interpretation.
Last edited:
Not just BW, the article refers to "..and other password managers.."; almost inevitable I believe, once it became obvious how much personal data could be stolen from PW Managers other ones are what I'd go after if I was a hacker.Yes, it's BW's turn now. Will increasing BW's KDF to 600 000 and longer length passwords help in preventing?
Anyone here knows if anti-keyloggers like Hitmampro.alert or Keyscrambler could protect from this?
Last edited:
The page at 'bitwardenlogin.com' was an exact replica of the legitimate BitWarden Web Vault Login page, as seen below....
...In our tests, the phishing page will accept credentials and, once submitted, redirect users to the legitimate Bitwarden login page...
Maybe I’m missing. But I don’t think that answers my question.
If you were to go to the phishing page and entered your “correct” login info, would keyscrambler scramble that info so that bad guys only get an “incorrect” login info?
Nope because basically you are giving the right info to the bad guys. The anti-keylogger has nothing to do with that otherwise you couldn't login into any site if you were using anti-keylogger. This is a very old trick of getting login info. That's why I use bookmarks or URL's from password managers. This plus DNS is my solution.
In this case simple adblocker can easily protect users from this kind of harmful ads.
Right. But I meant more of in a general sense. There's a script that can be run that'll export all your keepass passwords to an unencrypted file. Exploits like that, or this birtwarden one, can be mitigated in large part by common sense. Those that cannot, some sort of anti-executable may be in order. In that way, the creator of keepass was right.
Does not pretty much any PW allow to autofill only on a legitimate domain? Unless a script runs the legitimate domain in an iframe and then copies the credentials from there?
So in this case using PW rather then typing the credentials yourself could have actually prevented phishing? And those who type such a sensitive info surely check the certificate?!
Sorry for the late reply.
Yes you are right. However, if the extension in the browser does not work properly (which can happen), then the user has to manually enter the data. When I used an extension, I wasn't afraid of such attacks, because the situation you described was in place
This is a type of attack that only works in certain cases, but it is still quite common unfortunately.
You may also like...
-
1Password adds pop-pup warnings for suspected phishing sites- Started by Brownie2019
- Replies: 11
-
UK fines LastPass over 2022 data breach impacting 1.6 million users- Started by Gandalf_The_Grey
- Replies: 1
-
Researcher Exposes Zero-Day Clickjacking Vulnerabilities in Major Password Managers- Started by Andy Ful
- Replies: 125
-
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds- Started by Parkinsond
- Replies: 10
-
Bitwarden makes it harder to hack password vaults without MFA
- Started by Gandalf_The_Grey
- Replies: 2