This activity report details a SmartApeSG malware campaign observed on April 6, 2026. The attack begins with a malicious script injected into compromised websites, which subsequently redirects users to a fake CAPTCHA page. This page utilizes "ClickFix" instructions to trick users into executing malicious code, ultimately leading to malware persistence on the target Windows host.
The report includes several associated files for analysis, such as network traffic PCAPs (HTTP and HTTPS) and various malware samples. Indicators of compromise are documented through visual evidence of the script injection, the deceptive CAPTCHA interface, and the resulting persistent malware components on the infected system.
Top comments (0)