New phishing campaign hits LastPass, Bitwarden users


Criminals have been found impersonating popular password managers LastPass and Bitwarden online in an attempt to trick users into sharing their login credentials, and thus access to a treasure trove of passwords and other secrets.

LastPass recently issued a warning to its customers, raising awareness of the ongoing phishing campaign.

However the scam also now seems to have spread to other password managers, with Bitwarden customers also apparently being targeted.

Read more…
Source:  TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

    March 25, 2025

    In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious ...

  • Financial cyberthreats in 2024

    March 25, 2025

    As more and more financial transactions are conducted in digital form each year, financial threats comprise a large piece of the global cyberthreat landscape. That’s why Kaspersky researchers analyze the trends related to these threats and share an annual report highlighting the main dangers to corporate and consumer finances. This report contains key trends and statistics ...

  • Arcane stealer: We want all your data

    March 19, 2025

    At the end of 2024, Kaspersky researchers discovered a new stealer distributed via YouTube videos promoting game cheats. What’s intriguing about this malware is how much it collects. It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla and DynDNS. The stealer was named Arcane, not ...

  • Fake BianLian Ransomware Letters in Circulation

    March 19, 2025

    On March 5, the FBI issued an alert regarding a mail scam targeting U.S. business executives with extortion. The letters claim to be from noted ransomware group BianLian, demanding a payment in Bitcoin ranging from $250,000 to $500,000 within ten days of receipt. The FBI alert reads as follows: “Stamped “Time Sensitive Read Immediately”, the letter ...

  • AMOS and Lumma stealers actively spread to Reddit users

    March 18, 2025

    Malwarebytes Labs were alerted to Mac and Windows stealers currently distributed via Reddit posts targeting users engaging in cryptocurrency trading. One of the common lures is a cracked software version of the popular trading platform TradingView. The crooks are posting links to both Windows and Mac installers which have been laced with Lumma Stealer and Atomic ...

  • Squid Werewolf cyber spies masquerade as recruiters

    March 12, 2025

    Espionage activity clusters may pose as recruiters to distribute phishing emails, targeting key employees in organizations of interest. In December 2024, the BI.ZONE Threat Intelligence team uncovered a peculiar phishing campaign aimed at luring victims with fake job opportunities at an industrial organization. A detailed analysis revealed that the attack had been carried out by Squid Werewolf ...