Beware – this fake KeePass download site is just spreading malware

Hackers have begun distributing malware via Google Ads campaigns, in a new technique discovered by cybersecurity researchers Malwarebytes. Criminals have replicated the KeePass password manager’s website and offered downloads that feel identical but contain the FakeBat malware loader. They then use Punycode – an encoding standard for non-Latin-based scripts – to disguise the malicious website’s URL in their Google Ads to direct users to the download.