KeePass News:
Hackers Create a Modified Password Manager to Deploy Ransomware
KeePass is a widely used open-source password manager used by businesses and individuals all around the world. Hackers are altering this legitimate security tool to steal data.
Security professionals at WithSecure Threat Intelligence observed a new version of KeePass Password Manager being distributed by cybercriminals. The criminals host their modified version on a typosquatted website meant to look like the original KeePass website. Fake ads in Bing led people straight to the malicious website.
When users place their passwords into the manager, it would also create an unencrypted database of those passwords. Then their software would send those passwords to the hackers. The criminals use the passwords to get access and deploy ransomware to the network.
There are practices you can adopt to protect yourself.
- Avoid clicking sponsored links or ads
- Bookmark important websites
- Check the web address at the top of your browser is correct
Awareness is key. Following the practices listed above will help you develop good internet browsing habits to keep you from falling victim to these tactics.
As always, NGT is here to help!
Contact ngthelp.com with questions.