Fake KeePass site uses Google Ads and Punycode to push malware

Malwarebytes has discovered a Google Ads campaign promoting a fake KeePass password manager download site to distribute malware. The malvertising used Punycode to make the domain look like the official KeePass site. Users are sent through a series of redirects to reach the fake site, whose domain name is similar to the real one. The Punycode tactic and Google Ads abuse indicate a concerning trend in cybercrime.