Google-hosted malvertising leads to fake Keepass site that looks genuine
Google-verified advertiser + legit-looking URL + valid TLS cert = convincing look-alike.
Conversation
Notices
-
Ars Technica (arstechnica@mastodon.social)'s status on Thursday, 19-Oct-2023 13:50:59 JST 
Ars Technica
-
maisylover (benjamincodes@mastodon.social)'s status on Thursday, 19-Oct-2023 14:00:19 JST 
maisylover
@arstechnica Do people still use keepass? I assumed keepassxc was the "new" version and that keepass was abandoned in favor of xc.
-
Jack Yan (甄爵恩) (jackyan@mastodon.social)'s status on Thursday, 19-Oct-2023 14:34:57 JST 
Jack Yan (甄爵恩)
@arstechnica Ten years ago, we were hacked. The hacker put in what appeared to be Google Adsense code, which Google itself then marked as malicious and put up big security warnings to anyone trying to access our site on Chrome (as well as people linking to us). Even back then I knew not to trust Google ads!
-
gqcwwjtg (gqcwwjtg@mastodon.social)'s status on Thursday, 19-Oct-2023 15:12:47 JST 
gqcwwjtg
@arstechnica badvertising
-
§ (shuvashish76@mastodon.social)'s status on Thursday, 19-Oct-2023 15:57:43 JST 
§
Detailed report from #Malwarebytes LABS
https://www.malwarebytes.com/blog/threat-intelligence/2023/10/clever-malvertising-attack-uses-punycode-to-look-like-legitimate-website -
Joan Westenberg (daojoan@mastodon.social)'s status on Thursday, 19-Oct-2023 17:28:47 JST 
Joan Westenberg
@arstechnica you also see a lot of this with crypto tools / apps. IE, folks will run ads for fake wallet sites that then drain users.
You can debate the worth of crypto till the cows come home.
But we can’t debate that ad platforms need to take their own duty of care seriously.
-
All 076萌SNS content and data are available under the