Fake error popups are spreading malware quickly

Security researchers say a packaged tool called ErrTraffic is being sold on underground forums and automates fake error pop-ups on compromised websites. Campaign data reported by analysts shows high success rates and cross-platform reach, with the broader response still undetermined.

A new cybercrime tool called ErrTraffic has been identified on underground forums and is making it easier for attackers to deliver malware via fake error messages. Analysts reported tracking its promotion in early December 2025 and describe it as an automated package sold to criminals for a fee. The tool adapts messages to the visitor’s system and language and operates through a small code insertion on compromised websites. Key details: - Security analysts at Hudson Rock reported spotting ErrTraffic on Russian-language forums in early December 2025 and say the package is offered for roughly $800. - The tool uses a simple web script to display convincing fake error pop-ups tailored to the visitor’s operating system and browser, and it has been observed affecting Windows, Android, macOS and Linux users. - Campaign data reported by researchers shows high interaction rates, with conversion figures approaching 60%, and the attacks spread as compromised sites become additional delivery points. Summary: The reporting indicates ErrTraffic lowers the technical barrier for distributing malware by automating fake error pop-ups and expanding reach through compromised sites, which can lead to credential theft and wider account compromise. Researchers have published findings on its behavior, and the next broader technical or legal response is undetermined at this time.