SmartApeSG Hijacks ClickFix to Deploy Remcos RAT

Security researchers have uncovered a new SmartApeSG campaign that compromises legitimate ClickFix support pages. By injecting malicious code into these trusted URLs, the attackers silently serve the Remcos Remote Access Trojan to unsuspecting visitors, effectively using a reputable third‑party service as a distribution platform.

The Remcos RAT provides full system control, data exfiltration, and lateral movement capabilities, posing a serious threat to enterprise networks. Defenders must treat compromised legitimate domains as high‑risk, implement URL filtering and threat‑intel enrichment for ClickFix traffic, and update detection signatures to catch the hidden payloads before they reach endpoints.

Categories: Threat Intelligence, Malware & Ransomware

Source: Read original article