Windows 11 users, don’t fall into the fake password generator scam

- September 27, 2023
- Updated: July 2, 2025 at 1:07 AM

Proofpoint’s cybersecurity sleuths just unearthed a sly new malware, putting on its best Bitwarden impression to pilfer precious data from unsuspecting users. Big kudos to Malwarebytes’ Senior Director of Threat Intelligence, Jérôme Segura, for giving them the heads up.
This digital menace, now labeled ZenRAT, is basically like that knockoff purse seller in a digital alleyway. Here’s the sneaky part: The culprits snagged the domain “bitwariden[.]com”, a crafty typo that’s eerily close to the real deal. In the tech world, we call this cheeky maneuver typosquatting. And they didn’t stop there. They meticulously crafted a website that’s the spitting image of Bitwarden’s. Tricky, right?
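A defender-side check for the typosquat described above, added here as an example that is not from Proofpoint, Malwarebytes or the original article: it flags a download host whose registrable domain sits within a small edit distance of a trusted one. The `TRUSTED` set, the two-label domain shortcut and the distance threshold are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the domains you actually trust for downloads.
TRUSTED = {"bitwarden.com"}

def host_of(url_or_host):
    """Return the lowercase hostname, undoing report-style defanging."""
    s = url_or_host.strip().lower().replace("[.]", ".").replace("hxxp", "http")
    if "://" not in s:
        s = "//" + s  # lets urlsplit treat a bare host as a netloc
    return (urlsplit(s).hostname or "").rstrip(".")

def registrable(host):
    # Simplification: last two labels. Use the Public Suffix List in production.
    return ".".join(host.split(".")[-2:])

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute, adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # transposed neighbours
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(url_or_host, max_distance=2):
    """Return ("trusted"|"lookalike"|"unknown", matched trusted domain or None)."""
    domain = registrable(host_of(url_or_host))
    if domain in TRUSTED:
        return ("trusted", domain)
    for good in sorted(TRUSTED):
        if osa_distance(domain, good) <= max_distance:
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample inputs; the first is the domain named in the article.
    for sample in ("bitwariden[.]com", "https://www.bitwarden.com/download/",
                   "bitwadren.com", "https://bitwarden.com.downloads.example/x"):
        print(sample, "->", classify(sample))
```

Edit distance does not catch homoglyph (IDN) lookalikes, so a check like this complements an allowlist and does not replace one.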
Windows 11 users, be careful
So, how did these digital tricksters spread the word about their deceptive domain? Proofpoint’s brainiacs are betting on tactics like SEO poisoning, malvertising, or the old-fashioned charm of social engineering.
Here’s the silver lining for Mac and Linux device fans: stroll onto the fake site and hit download, and you’ll be whisked away to a harmless page. But for Windows 11 users – it’s a trap! Click that link, and you’re rolling out the welcome mat for ZenRAT.

Once ZenRAT’s made itself at home, it dials up its command & control pals (or C2, if you’re in the know). This malware then goes on a data-hunting spree. Using crafty WMI queries, it’ll snoop around for your CPU name, GPU name, OS version (did we mention Windows 11 users should beware?), RAM stats, IP details, and even that antivirus software you’re running. And, oh boy, if you’ve stored credentials in your browser, ZenRAT’s snatching those too.
Proofpoint’s sage advice? Stick to trusted digital watering holes when downloading software. Yet, here’s the kicker: even the keen-eyed can be duped. Picture this: a sham Bitwarden ad sneaking onto Google. Given the doppelganger website and the sneaky URL, this scheme can reel in quite the catch.
As for the damage report? We’re still tallying up how many folks have been bamboozled into downloading this treacherous malware.
Kerem from Turkey has an insatiable curiosity for the latest advancements in tech gadgets and a knack for innovative thinking. With 3 years of experience in editorship and a childhood dream of becoming a journalist, Kerem has always been curious about the latest tech gadgets and is constantly seeking new ways to create. As a Master's student in Strategic Communications, Kerem is eager to learn more about the ever-evolving world of technology. His primary focuses are artificial intelligence and digital inclusion, and he delves into the most current and accurate information on these topics. You can always reach Kerem on LinkedIn.