One of the incredible perks of getting your phishing/malware site on the .com tld of your target website is the amount of people who will visit your site directly without even going through google.
Also, in my experience, Google is very receptive to and decisive on phishing and malware complaints. I've worked on websites that are constant phishing/malware targets and Google moved quickly with us on getting that "this is a malicious website" splash page into Chrome.
Since this has been going on for a year, I'd be shocked if the Keepass people even tried. Not even a mention of it on their homepage to help their users pick the legit one?
Also, in my experience, Google is very receptive to and decisive on phishing and malware complaints. I've worked on websites that are constant phishing/malware targets and Google moved quickly with us on getting that "this is a malicious website" splash page into Chrome.
Since this has been going on for a year, I'd be shocked if the Keepass people even tried. Not even a mention of it on their homepage to help their users pick the legit one?