IOC Radar
TLP:WHITE · 1 IOC

Fake Malware TOAD via Malvertizing

MalasadaTech
Published November 19, 2025 · Original Report

Diamond Model

Adversary: unknown
Infrastructure (1): federalpay.org
Capability: unknown
Victim: unknown

Attack Flow: 5 steps · MITRE ATT&CK mapped

Step 1/5: Initial Access (TA0001) · T1189 Drive-by Compromise
Action: Serve malicious ads
Malicious ads were served on federalpay[.]org, leading users to a fake TOAD URL.

Indicators of Compromise (1)

Type | Indicator | Confidence | Score | First Seen
Domain | federalpay.org (intel-blog, malware, network) | High | 58 | Jun 2, 26
