Threat actors abused an open redirect on the official website of the United Kingdom's Department for Environment, Food & Rural Affairs (DEFRA) to direct visitors to fake OnlyFans online dating sites.
OnlyFans is a content subscription service where paid subscribers get access to private photos, videos, and posts from adult models, celebrities, and social media personalities.
As it is a widely used site and the name is recognizable, threat actors have created a few fake OnlyFans adult dating sites to gain customers or steal people's private information.
Abusing an open redirect on DEFRA
As part of this malicious campaign, threat actors abused an open redirect that appeared to be a genuine U.K. government link but redirected visitors to the fake OnlyFans dating site.
Redirects are legitimate URLs on a website that automatically send users from the initial site to another URL, commonly on an external site.
An open redirect can be modified by anyone, allowing threat actors and scammers to create redirects from a legitimate site to any site they want.
This allows threat actors to abuse open redirects and cause legitimate links to appear in search results that send visitors to websites under their control to display phishing forms or deliver malware.
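A server-side check that closes the kind of open redirect described above, as an added example (not code from the article, DEFRA, or Pen Test Partners). The function name `safe_redirect_target`, the allowlisted hosts and the sample URLs are constructed assumptions; the redirect endpoint would send the user to whatever this function returns.

```python
from urllib.parse import urlsplit

# Hypothetical allowlist of external hosts this site may redirect to (constructed).
ALLOWED_HOSTS = {"www.example.org", "forms.example.org"}
FALLBACK = "/"  # where to send the user when the requested target is rejected


def safe_redirect_target(target: str) -> str:
    """Return target if it is a same-site path or an allowlisted https URL,
    otherwise return FALLBACK."""
    if not target or target != target.strip():
        return FALLBACK
    # Browsers treat "\" like "/" and drop tab/CR/LF inside URLs, so "/\host"
    # or "/<tab>/host" can end up as "//host". Reject such input outright.
    if "\\" in target or any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return FALLBACK
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed IPv6 literal
        return FALLBACK
    if not parts.scheme and not parts.netloc:
        # Relative target: accept only a single-slash absolute path.
        # "//host/..." is protocol-relative and leaves the site.
        if target.startswith("/") and not target.startswith("//"):
            return target
        return FALLBACK
    if parts.scheme != "https":  # blocks http:, javascript:, data:, "//host"
        return FALLBACK
    # .hostname drops userinfo and port, so "https://trusted@other" is judged
    # by the host the browser will really contact.
    host = (parts.hostname or "").lower()
    return target if host in ALLOWED_HOSTS else FALLBACK


if __name__ == "__main__":
    samples = [  # constructed inputs
        "/river-levels?station=1",
        "https://www.example.org/apply",
        "//evil.example/login",
        "https://www.example.org@evil.example/",
        "https://www.example.org.evil.example/",
        "/\\evil.example",
        "javascript:alert(1)",
    ]
    for s in samples:
        print(f"{s!r:45} -> {safe_redirect_target(s)!r}")
```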
The malicious campaign abusing the open redirect on DEFRA's river conditions site was discovered last week by analysts at Pen Test Partners, who shared their findings with BleepingComputer.