Skip to main content
  1. Home
  2. Computing
  3. News

Hackers are using this incredibly sneaky trick to hide malware

By
Add as a preferred source on Google

One of the most important things you can do to protect your online security is install one of the best password managers, but a recent cyberattack proves that you have to be careful even when doing that. Thanks to some sneaky malware hidden in Google Ads, you could end up with viruses riddling your PC.

The issue affects popular password manager KeePass — or rather, it attempts to impersonate KeePass by using misleading Google Ads. First spotted by Malwarebytes, the nefarious link appears at the top of search results, meaning you’ll likely see it before the legitimate websites that follow beneath it.

A hacker typing on an Apple MacBook laptop, which shows code on its screen.
Sora Shimazaki / Pexels

Ordinarily, this might not be a problem. That’s because Google Ads show the target website’s address before you click the link, so you may recognize it as a fake. However, in this case, the KeePass impersonator uses a clever trick to mask its URL, making it look like the advert links through to the official KeePass website. That devious deception could fool even the most security-conscious web user.

Recommended Videos

The malware website uses Punycode, which can insert special characters into website addresses. In this case, it replaces the K in KeePass with a K that has an almost indistinguishable accent below it. At a quick glance, you might not even notice it. In the end, it means you won’t be visiting the true KeePass website.

How to stay safe

A search result showing a malicious Google Ad for the KeePass password manager, with the advert impersonating the official website.
Malwarebytes

Once you click the malicious link, you are quickly redirected through a variety of URLs that are used to check visitors and filter them out. If the websites determine that you are a bot or running your web browser in a locked-down sandbox environment, you won’t make it to the final destination. If you are deemed to be a genuine user, you’ll end up on the malware website.

Once there, you’ll be prompted to download a virus that is disguised as the KeePass password manager. In an earlier analysis, security firm Sophos found that this virus is linked to a variety of malicious apps that steal your passwords, credit card data, and more.

How can you stay safe from this kind of malware? The first and most obvious answer is to use an ad blocker extension in your web browser. This will prevent these malicious websites from ever reaching you, no matter how sophisticated their deceitful tricks are.

Other than that, it’s important to install a strong antivirus app. If you don’t use an ad blocker, you should be extremely careful when clicking any advert that appears in search results. If you’re not, you could end up falling victim to malware without even realizing it.

Alex Blake
Alex Blake
Computing Writer
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
Topics
Google just gave Workspace a 24/7 AI agent that sends emails and books meetings while you sleep
Google announcing five Workspace features at once is either confidence or chaos, but Gemini Spark acting on your behalf while you sleep is the one that actually changes what a productivity suite is supposed to do.
Google AI Inbox for Gmail users.

At the I/O 2026, Google announced several AI-powered updates for its Workspace apps. The main highlight of the announcement is Gemini Spark, a 24/7 personal AI agent that doesn’t just answer questions but takes actions on your behalf. 

It can send emails, add calendar events, and complete tasks across Workspace apps. And before you even ask, it asks before doing a high-stakes task, and you can choose whether you want to enable it or not. It's coming soon in preview for Workspace business customers in the Gemini app.

Read more
Gemini can now make videos, brief your morning, and do digital chores while you sleep
Gemini is now an AI intern that never logs off
Google Gemini App gets a major update

Google is giving the Gemini app a massive update, bringing a bunch of nifty changes. The chatbot phase is fading, and the company now wants Gemini to become something closer to a full-time digital assistant.

During Google I/O 2026, the company announced a redesigned Gemini app along with a new model, proactive daily summaries, video tools, and a 24/7 agent called Gemini Spark. Google claims that Gemini has now reached more than 900 million monthly users across 230 countries and more than 70 languages, up from 400 million last year.

Read more
Google Search is getting AI agents that will monitor the web for you
Set up an agent once, and Search will notify you when it finds what you're looking for.
Google Search information agents featured

Google used its I/O 2026 keynote to announce a major overhaul of Search, introducing AI agents, a redesigned search box, and agentic coding capabilities that can generate custom apps and dashboards on the fly.

A new search box

Read more