Unsolved
10 Elder
•
44.4K Posts
0
297
BItwarden password manager phishing attack
Hackers somehow managed to get a phishing website to top of a Google ads campaign when somebody searches for the Bitwarden password manager.
The link goes to bitwardenlogin.com, which spoofs the real Bitwarden home page, which is bitwarden.com, and their real log-in page which is vault.bitwarden.com.
The spoofed site apparently looks totally authentic and accepts the user's Bitwarden log-in credentials and then redirects the user to the real Bitwarden log-in page. Too late! They've already stolen the user name and master password...
Read more at BleepingComputer which shows an image of the fake ad...
John harper
2 Intern
2 Intern
•
346 Posts
0
March 21st, 2023 03:00
Your data is fully encrypted and/or hashed before ever leaving your local device, so no one from the Bitwarden team can ever see, read, or reverse engineer to get to your real data. Bitwarden servers only store encrypted and hashed data.