Skip to main content
  1. Home
  2. Computing
  3. News

Hackers are using this incredibly sneaky trick to hide malware

Add as a preferred source on Google

One of the most important things you can do to protect your online security is install one of the best password managers, but a recent cyberattack proves that you have to be careful even when doing that. Thanks to some sneaky malware hidden in Google Ads, you could end up with viruses riddling your PC.

The issue affects popular password manager KeePass — or rather, it attempts to impersonate KeePass by using misleading Google Ads. First spotted by Malwarebytes, the nefarious link appears at the top of search results, meaning you’ll likely see it before the legitimate websites that follow beneath it.

A hacker typing on an Apple MacBook laptop, which shows code on its screen.
Sora Shimazaki / Pexels

Ordinarily, this might not be a problem. That’s because Google Ads show the target website’s address before you click the link, so you may recognize it as a fake. However, in this case, the KeePass impersonator uses a clever trick to mask its URL, making it look like the advert links through to the official KeePass website. That devious deception could fool even the most security-conscious web user.

Recommended Videos

The malware website uses Punycode, which can insert special characters into website addresses. In this case, it replaces the K in KeePass with a K that has an almost indistinguishable accent below it. At a quick glance, you might not even notice it. In the end, it means you won’t be visiting the true KeePass website.

How to stay safe

A search result showing a malicious Google Ad for the KeePass password manager, with the advert impersonating the official website.
Malwarebytes

Once you click the malicious link, you are quickly redirected through a variety of URLs that are used to check visitors and filter them out. If the websites determine that you are a bot or running your web browser in a locked-down sandbox environment, you won’t make it to the final destination. If you are deemed to be a genuine user, you’ll end up on the malware website.

Once there, you’ll be prompted to download a virus that is disguised as the KeePass password manager. In an earlier analysis, security firm Sophos found that this virus is linked to a variety of malicious apps that steal your passwords, credit card data, and more.

How can you stay safe from this kind of malware? The first and most obvious answer is to use an ad blocker extension in your web browser. This will prevent these malicious websites from ever reaching you, no matter how sophisticated their deceitful tricks are.

Other than that, it’s important to install a strong antivirus app. If you don’t use an ad blocker, you should be extremely careful when clicking any advert that appears in search results. If you’re not, you could end up falling victim to malware without even realizing it.

Alex Blake
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
Meta’s detection tool fails to identify photos generated by its own Muse Image AI
Meta has created an invisible watermarking tool called Content Seal that is embedded in all images generated by the Muse Image AI.
Meta AI identification tool.

Earlier this week, Meta announced two new AI products, namely, Muse Image and Muse Video. As the name suggests, these are generative AI tools for making photos and video clips using natural language text prompts. Soon after their rollout commenced, these tools sparked controversy because Meta had automatically opted in Instagram users, allowing others to use their publicly posted media and convert them into remixed AI content. But it appears that Meta courted another loss on its side of the court.

What's the problem?

Read more
Your Google AI Studio apps can finally have polished, presentable web links
AI Studio web apps can now use personalized subdomains
google ai studio logos

Google AI Studio has made building a web app surprisingly easy. You can describe what you want, refine the design through prompts, and publish the result without setting up a traditional development environment. An awkward point of friction comes after deployment, when the finished app still has to live behind a long, forgettable Cloud Run link.

Google is now cleaning up that final step. AI Studio lets you assign a deployed web app a personalized address under the “ai.studio” domain, such as “your-app-name.ai.studio.” A recognizable URL should make the project look more presentable in a portfolio, client demo, social post, or internal project page.

Read more
You can now check if a Google ad was made using AI
Google will auto-label its own AI ads, but third-party AI ads still rely on advertisers to come clean.
google-ads-ai-label

Ever looked at an ad and wondered if a real person made it or if it was AI generated in seconds? Google is now giving you a way to find out.

The company just announced a new AI transparency label that tells you whether an ad was created or edited using generative AI tools. The label lives inside Google's My Ad Center, and it is rolling out across Google Search, YouTube, and Discover globally.

Read more