13
Phishing-Website: bitwarden[.]net (feddit.de)
submitted 1 year ago* (last edited 1 year ago) by hyazinthe@feddit.de to c/bitwarden@discuss.tchncs.de
5 comments fedilink hide all child comments

Edit (Update/Correction):

It looks like I was very likely wrong (a good thing in this case!).

According to this entry in the official Bitwarden Help Center bitwarden[.]net is official too!

Its still weired that the login failed multiple times and bitwarden[.]net doesn't redirect to the homepage, as the other official domains do, and so on.

Nonetheless, all seems to be fine, gladly. Thanks for your input.

I've tried to log into Bitwarden and used vault.bitwarden[.]net, it failed. Also, this page is the only one on this domain (nothing on bitwarden[.]net) and the SSL Certificate differs.

vault.bitwarden.com (and bitwarden.com) behaves as expected.

I think I've actually used a phishing site. 2FA probably safed me pretty hard. Changed creds.

top 3 comments
sorted by: hot top controversial new old
[-] federalreverse@feddit.de 3 points 1 year ago* (last edited 1 year ago)

Might be a testing/beta website, note the version number displayed at the bottom:

  • .net is at Version 2023.5.1
  • .com is at Version 2023.5.0

Also, the login form definitely does behave like the original site (given that Bitwarden is open-source, that is extremely easy to accomplish, however).

[-] hyazinthe@feddit.de 2 points 1 year ago* (last edited 1 year ago)

Interesting. I've updated my post, .net is official according to their help center (linked in post).

[-] dubbel@discuss.tchncs.de 1 points 1 year ago

whois data is redacted for privacy in both cases, but given that the domain is registered since 2018 I guess it's benign or somebody is in it for the long con.

load more comments
view more: next ›
this post was submitted on 03 Jul 2023
13 points (100.0% liked)

Bitwarden

719 readers
12 users here now

Discuss the Paswordmanager Bitwarden.

founded 1 year ago
MODERATORS
wuffa@discuss.tchncs.de