Windows 11 users, don’t fall into the fake password generator scam

Kerem Gülen

Proofpoint’s cybersecurity sleuths just unearthed a sly new piece of malware, putting on its best Bitwarden impression to pilfer precious data from unsuspecting users. Big kudos to Malwarebytes’ Senior Director of Threat Intelligence, Jérôme Segura, for giving them the heads up.

This digital menace, now labeled ZenRAT, is basically like that knockoff purse seller in a digital alleyway. Here’s the sneaky part: The culprits snagged the domain “bitwariden[.]com”, a crafty typo that’s eerily close to the real deal. In the tech world, we call this cheeky maneuver typosquatting. And they didn’t stop there. They meticulously crafted a website that’s the spitting image of Bitwarden’s. Tricky, right?

Windows 11 users, be careful

So, how did these digital tricksters spread the word about their deceptive domain? Proofpoint’s brainiacs are betting on tactics like SEO poisoning, malvertising, or the old-fashioned charm of social engineering.

Here’s the silver lining for Mac and Linux device fans: stroll onto the fake site and hit download, and you’ll be whisked away to a harmless page. But for Windows 11 users – it’s a trap! Click that link, and you’re rolling out the welcome mat for ZenRAT.

Once ZenRAT’s made itself at home, it dials up its command & control pals (or C2, if you’re in the know). This malware then goes on a data-hunting spree. Using crafty WMI queries, it’ll snoop around for your CPU name, GPU name, OS version (did we mention Windows 11 users should beware?), RAM stats, IP details, and even that antivirus software you’re running. And, oh boy, if you’ve stored credentials in your browser, ZenRAT’s snatching those too.

Proofpoint’s sage advice? Stick to trusted digital watering holes when downloading software. Yet, here’s the kicker: even the keen-eyed can be duped. Picture this: a sham Bitwarden ad sneaking onto Google. Given the doppelganger website and the sneaky URL, this scheme can reel in quite the catch.

As for the damage report? We’re still tallying up how many folks have been bamboozled into downloading this treacherous malware.
