Utilizing Google to look up the vendor's official Web vault login page, several customers of Bitwarden's password management service last week reported seeing paid advertising to phishing sites that steal credentials.
Google ads targeting Bitwarden users
Several password managers are cloud-based, enabling users to access their passwords via websites and mobile apps unless they utilize a local password manager like KeePass. The industry has criticized KeePass for being less user-friendly than cloud-based alternatives, but technical users rely on its security because it encrypts all passwords and the entire database and is saved locally on a computer rather than in the cloud.
According to a revelation from last week, Google ads phishing efforts that sought to acquire user password vault credentials specifically targeted Bitwarden and 1Password. Malicious advertising that targets users of Bitwarden and 1Password indicates that threat actors have added a new method for breaking into password managers and compromising the accounts connected to those passwords.
When clients browsed for terms like 'bitwarden password manager' or '1Password's Web vault,' for example, the malicious advertising which customers of Bitwarden and 1Password reported seeing last week was near the top of Google's search engine results. Additionally, the landing pages are of a high caliber. One Bitwarden user discovered a phishing website that so convincingly resembled the vendor's official Site that it was difficult to distinguish the two.
Recent hacks show that a master password is a password vault's weak link. As a result that when they gain access to your login information and maybe authentication cookies, threat actors have been seen developing phishing pages that target one's password vault.
Safeguarding password storage
It is crucial to protect password vaults since they store the most sensitive internet data. Verifying that you are entering your credentials on the right website is always the first step to take when it comes to safeguarding your password storage against phishing threats.
Attackers have been employing the vector to spread a variety of viruses or links to malicious or phishing websites in order to steal login information and other personal data. They started employing these advertisements to imitate well-known and well-liked firms more recently.
Hardware security keys, authentication apps, and SMS verification are the three finest MFA verification techniques to utilize when securing your account, going from best to worst. The login form for a legitimate service, such as Microsoft 365, will be displayed to visitors to the phishing page using this technique. Their credentials and MFA verification codes are entered, and this information is also sent to the website. The threat actors can access your account without having to check MFA again thanks to these tokens, which have already undergone MFA verification.
