259
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 17 Feb 2026
259 points (89.8% liked)
Technology
85059 readers
4406 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 3 years ago
MODERATORS
From what I scanned, there was no reason given on why they only attacked cloud based providers.
My guess is that these are paid ones and thus have a 'market share', easier to attack etc.
If you attack a 'keepass' password the attack vector is more crypto / memory based as far as my limited knowledge goes and not some funky inbetween attack.
Also, if you attack a cloud base provides, you will most likely have multiple victims per breach / exploit, whilst offline are targeted and thus not so interesting in most cases unless we're talking about a person of interest
Oh okay so they probably delivered malicious code to the user entering their passwords... Well even an offline pw manager can be compromised in the code.