Hackers are using this incredibly sneaky trick to hide malware

Tips Clear October 20, 2023 Digital Trending Tips, Technology Comments Off on Hackers are using this incredibly sneaky trick to hide malware 12 Views

One of the most important things you can do to protect your online security is to install one of the best password managers, but a recent cyberattack proves you still have to be careful when doing so. . Due to some hidden malware hidden in Google Ads, your PC may get viruses.

This issue affects the popular password manager KeePass – or rather, it attempts to impersonate KeePass by using deceptive Google ads. First spotted by Malwarebytes, the nefarious link appears at the top of search results, meaning you’ll see it before legitimate websites appear below it.

A hacker is typing on an Apple MacBook laptop, showing code on his screen.
Sora Shimazaki/Pexels

Normally, this may not be a problem. This is because Google Ads shows the address of the target website before you click on the link, so you can identify it as fake. However, in this case, the KeePass impersonator uses a clever trick to disguise its URL, making it look like an advertising link to the official KeePass website. That devious deception can fool even the most security-conscious web user.

The malware website uses Punycode, which can insert special characters into website addresses. In this case, it replaces the K in KeePass with a K with an almost indistinguishable pronunciation below. At a cursory glance, you might not even notice it. Finally, this means that you will not visit the actual KeePass website.

how to stay safe

A search result showing a malicious Google ad for KeePass Password Manager, with the ad impersonating the official website.
Malwarebytes

Once you click on the malicious link, you are immediately redirected through a variety of URLs that are used to screen and filter visitors. If websites determine that you are a bot or running your web browser in a locked-down sandbox environment, you will not be able to make it to the final destination. If you are considered a genuine user, you will be redirected to the malware website.

Once there, you’ll be asked to download a virus that disguises itself as KeePass Password Manager. In an earlier analysis, security firm Sophos found that this virus is linked to a variety of malicious apps that steal your passwords, credit card data, and more.

How can you stay safe from this type of malware? The first and most obvious answer is to use an ad blocking extension in your web browser. This will prevent these malicious websites from reaching you, no matter how sophisticated their fraudulent tactics are.

Also, it is important to install a strong antivirus app. If you do not use an ad blocker, you should be extremely careful when clicking on any advertisements that appear in search results. If you are not, you may become a victim of malware without even thinking.

 

 

About Tips Clear

Tips Clear is a seasoned writer and digital marketing expert with over a decade of experience in creating high-quality, engaging content for a diverse audience. He specializes in blogging, SEO, and digital marketing strategies, and has a deep understanding of the latest trends and technologies. Tips Clear's work has been featured on various prominent platforms, and he is committed to providing valuable insights and practical tips to help readers navigate the digital landscape.