A new report from cybersecurity software firm Malwarebytes Inc. has detailed a malvertising attack that exploits Google LLC ads to trick users into visiting a fake site for the open-source password management KeePass. Described by the Malwarebytes Labs researchers as being “clever,” the attack methodology involves the attackers impersonating the official KeePass website using the Punycode character encoding system to allow them to register domains that visually appear very similar to legitimate ones.

Source: SiliconANGLE