Threats Tagged 'fake software'
View all threats tagged with 'fake software'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'fake software'
Click on any threat for detailed analysis and mitigation recommendations
How a single ScreenConnect incident exposed a massive campaign 0 A massive campaign distributes malicious installer archives hosted on spoofed websites masquerading as popular software like OBS Studio, DNS Jumper, DS4Windows, and Bandicam. Over 90 domain names localized across 10 languages were discovered. The malicious archives bundle a legitimate Microsoft-signed install.exe binary with a rogue install.res.1033.dll library deployed via DLL sideloading. This installs the ScreenConnect remote access service, which then deploys AsyncRAT payloads through PowerShell and VBS scripts. The threat actors leverage SEO techniques to position fraudulent sites at the top of search engine results, targeting both individual users and corporate networks. The infrastructure spans three IP addresses with domains registered between October 2025 and March 2026, creating a global footprint with multi-language support. Join the discussion | AlienVault OTX General | 07/01/2026, 16:52:43 UTC Added: 07/02/2026, 07:06:43 UTC |
Showing 1 to 1 of 1 result