|
|
|
|
|
|
by fwn
395 days ago
|
|
|
> The attack ... involved modifying and re-signing KeePass installers with trusted certificates to deliver a custom malware loader ... The infection chain began with malvertising campaigns on popular search engines ... directing users to fraudulent download pages ... I have my own issues with KeePass, but, to be fair, this was not a KeePass problem. It was a trust problem, starting with search ads and ending in tricking users to install a fake app. If anything, threat actors "weaponized" irresponsible advertising. |
|
|