A new malware strain called
ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden password manager.
"The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page," enterprise security firm Proofpoint
said in a technical report. "The malware is a modular remote access trojan (RAT) with information stealing capabilities."
ZenRAT is hosted on fake websites pretending to be associated with Bitwarden, although it's uncertain as to how traffic is being directed to the domains. Such malware has been propagated via phishing, malvertising, or SEO poisoning attacks in the past.
