Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

Open source password manager turned into malware, and hackers set up Keepass copycat "Li Gui" official website.

2025-04-11 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > IT Information >

Share

Shulou(Shulou.com)11/24 Report--

Thanks to CTOnews.com netizen Coje_He for the clue delivery! CTOnews.com October 20 news, security personnel Malwarebytes recently found that a well-known open source password manager KeePass in Google search "the same URL" of the "shanzhai official website", users enter the "shanzhai official website", download is a malicious Trojan horse.

▲ source Malwarebytes is reported that Google has removed the relevant fake KeePass official website, and according to Malwarebytes's previous capture of the screen shows that when users search for KeePass in Google, the first thing that pops up is the fake official website, followed by KeePass's official website, the two sites have exactly the same interface, and even the URL is "the same".

▲ drawing source MalwarebytesCTOnews.com Note: DNS generally uses ASCII characters to display domain names, but there are problems in identifying domain names containing non-ASCII characters, and the Punycode coding system arises at the historic moment, which can convert non-ASCII characters into ASCII format, thus solving the problem of interworking between domain names and DNS.

The hacker uses the Punycode coding system to convert a domain name into ASCII format, presenting a URL that is almost the same as KeePass's official website keepass.info. In fact, the URL name of the malicious website is "eepass [.] Info, you have to be very careful to see that there is a little more under k, which can be described as the difference between "Li Kui" and "Li Gui".

If the ▲ image source Malwarebytes user decides incorrectly, after entering the fake KeePass website, the "password manager" downloaded is actually malicious software, which contains the FakeBat Trojan, which can be linked with the server set by the hacker, thus enabling the hacker to obtain password information.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Copycat name domain name URL website password malicious same character Trojan user hacker management actual actually format system code problem search vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple Huawei Microsoft MariaDB NVidia OPPO Reno Shulou Tech Info vpn macOS Shulou Technology Apple Shulou Information Docker MySQL Redmi Xiaomi Linux Huawei Microsoft MariaDB NVidia OPPO Reno Shulou Tech Info vpn macOS Shulou Technology Apple Shulou Information Docker MySQL Redmi Xiaomi Linux

Share To

Related

IT Information

More IT Information >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report