Mastodawn

Team KeePassXC May 21, 2025

🚨 *Attention!* We were made aware of a fake “KeePassXC Password Manager Pro” repository on GitHub that links to unverified external binary downloads.
- There is NO Pro version of KeePassXC!
- You get all the “Pro” features with the regular version.
Please download KeePassXC only from trusted distribution channels linked on https://keepassxc.org/ !

KeePassXC Password Manager

Show thread

Landry MINOZA May 21, 2025

@keepassxc It could be worse than just "we will make you pay for a free software developped by someone else" maybe…
Do you think it could be related to the same sort of attack than against keepass ?
https://www.bleepingcomputer.com/news/security/fake-keepass-password-manager-leads-to-esxi-ransomware-attack/

Fake KeePass password manager leads to ESXi ransomware attack

Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and ultimately, deploy ransomware on the breached network.

BleepingComputer

Show thread

Team KeePassXC

@lminoza Since there isn't any sort of payment involved, I would assume it's just some sort of malicious fork.