This report details technical activity observed on April 6, 2026, associated with the SmartApeSG campaign. The attack sequence involves script injection into compromised websites, which subsequently redirects users to a fraudulent CAPTCHA page. This page utilizes 'ClickFix' social engineering tactics to trick users into executing malicious commands that lead to a malware infection on the victim's Windows host.
The analysis provides several forensic artifacts, including HTTPS traffic logs and PCAP files, alongside the malware samples themselves. These files document the infection chain from the initial web-based injection to the establishment of persistence on the local system, offering critical data for incident responders and network defenders.