An investigation has been conducted into a malicious campaign that targeted smartphone users. The OnlyFans content being distributed is a fake version of OnlyFans’ content. This is used in this campaign to infect victims’ devices with malware called DcRAT. This steals data and credentials on the device or encrypts it with a ransom note. Considering that the campaign has been running since January 2023, it is one of the highest risks to users’ devices and personal information.
The subscription service OnlyFans provides paid subscribers access to private photos, videos, and posts posted by celebrities, adult models, and social media personalities. This is done through a private area of their website.
As one of the most popular websites out there with a well-known name, it can prove to be a magnet for those seeking free access to paid content as it caters to a broad audience.
eSentire has discovered an upcoming campaign that was recently launched and has been running since January 2023. In other words, this program spreads ZIP files containing VBScript loaders. These loaders are tricked into being executed by the victim, believing that they are about to unlock premium collections of OnlyFans by manually executing the loader.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: