A phishing scam targeting users of the well-known open source password manager KeePass has been exposed by a security researcher. The scam involves a fake website that appears as an official advertisement on Google search results, luring users into downloading Trojan-infected software.
KeePass is a free and open source password manager that helps users to securely store their passwords and other sensitive data in an encrypted database. Users can unlock the database with a master password, a key file, or both. KeePass is mainly designed for Windows, but it also supports other platforms through unofficial ports.
Counterfeit website mimicking the official KeePass platform
However, according to a Twitter user named 23pds, who is a member of the blockchain security threat tracker SlowMist, a counterfeit website mimicking the official KeePass platform has been spotted in Google search results. The fake website uses a deceptive domain name that looks similar to the real one, but with a different character encoding. The fake domain name is ķeepass [.]info, which is actually xn–eepass-vbb [.]info.
The fake website looks identical to the real one, and offers users to download the latest version of KeePass. However, the download link leads to a malicious executable file that contains a Trojan software. The Trojan software can potentially steal users’ personal information, such as passwords, bank account details, or cryptocurrency holdings.
A call for vigilance
The security researcher warned the crypto community to remain vigilant and avoid clicking on suspicious links or downloading software from unverified sources. He also reported the phishing website to Google, hoping that the search engine giant will take action and remove the fraudulent advertisement.
Users who want to download KeePass or any other security software should always verify the authenticity of the website and ensure that it is the official source. Users can also check the digital signature of the downloaded file and compare it with the one provided by the official website. Additionally, users can use antivirus software and firewall to protect their devices from malware attacks