New phishing campaign hits LastPass, Bitwarden users


Criminals have been found impersonating popular password managers LastPass and Bitwarden online in an attempt to trick users into sharing their login credentials, and thus access to a treasure trove of passwords and other secrets.

LastPass recently issued a warning to its customers, raising awareness of the ongoing phishing campaign.

However the scam also now seems to have spread to other password managers, with Bitwarden customers also apparently being targeted.

Read more…
Source:  TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • DNC: Highly Publicized ‘Phishing Attempt’ Was Only a Security Test

    August 23, 2018

    An unnamed Democratic source told CNN Wednesday that the DNC was alerted to the presence of a spoofed log-in page designed to mimic VoteBuilder – a platform used by Democratic Party officials and campaigns across the country to manage the Democratic registered voter database. The alarm was raised by security researchers at Lookout and a cloud provider, the source ...

  • New Actor DarkHydrus Targets Middle East with Open-Source Phishing

    August 9, 2018

    DarkHydrus uses the open-source Phishery tool to create two of the known Word documents used in the attacks. Government entities and educational institutions in the Middle East are under attack in an ongoing credential-harvesting campaign, mounted by a newly-named threat group known as DarkHydrus. In a twist on the norm, the group is leveraging the open-source ...

  • DNS-Hijacking Malware Targeting iOS, Android and Desktop Users Worldwide

    May 21, 2018

    Widespread routers’ DNS hijacking malware that recently found targeting Android devices has now been upgraded its capabilities to target iOS devices as well as desktop users. Dubbed Roaming Mantis, the malware was initially found hijacking Internet routers last month to distribute Android banking malware designed to steal users’ login credentials and the secret code for two-factor authentication. Read more… Source: The ...

  • Phishing Spy Campaign Targets Top Mideast Officials

    May 15, 2018

    Researchers have discovered a phishing campaign that infected Android devices with custom surveillance-ware bent on extracting data from top officials, primarily in the Middle East. Researchers at Lookout Security told Threatpost that the tool, dubbed Stealth Mango, has been used to collect over 30 gigabytes of compromised data on attacker infrastructure, including call records, audio recordings, device ...

  • Phishing still number one method for cyber-attacks

    March 16, 2018

    Microsoft has just released its annual cybersecurity report and it says that phishing is still the most popular way for cyber-criminals to attack, giving security experts everywhere headaches. To create the report, Microsoft scanned more than 400 billion emails, 450 billion authentications and 1.2 billion devices. More than half (53 per cent) of all email threats are phishing ...

  • OceanLotus APT campaign debuts new backdoor that resembles old Korplug RAT

    March 14, 2018

    The suspected Vietnamese APT group OceanLotus has added a new backdoor to its repertoire of malicious tools – one that includes capabilities for enabling file, registry and process manipulation, and also downloading more malicious files. According a Mar. 13 blog post by ESET researcher Tomas Foltyn, the hackers appears to be delivering the malware via spear phishing and watering hole ...