Mastodawn

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/q (injected)
-->
wexlunto[.]top/session/realm-response.php
-->
wexlunto[.]top/session/login-stylesheet.js (clickfix)
-->
salkunet[.]com/v1/user/py (HTA)

Monitor SG 3h ago

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/q (injected)
-->
wexlunto[.]top/session/realm-response.php
-->
wexlunto[.]top/session/login-stylesheet.js (clickfix)
-->
pelgiron[.]com/v1/user/py (HTA)

Monitor SG 9h ago

Detected #SmartApeSG infection chain

Compromised site
-->
tirqavem[.]top/session/realm-response.php
-->
tirqavem[.]top/session/login-stylesheet.js (clickfix)
-->
pelgiron[.]com/v1/user/py (HTA)

Monitor SG 10h ago

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/meta.google.com (injected)
-->
wexlunto[.]top/session/version-header.js
-->
wexlunto[.]top/session/realm-response.php
-->
wexlunto[.]top/session/login-stylesheet.js (clickfix)
-->
pelgiron[.]com/v1/user/py (HTA)

Monitor SG 21h ago

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/q (injected)
-->
bemqorli[.]top/logout/route-sessionstore.php
-->
bemqorli[.]top/logout/signup-sandbox.js (clickfix)
-->
nivraxod[.]com/opo/call (HTA)

Monitor SG 22h ago

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/d.js (injected)
-->
bemqorli[.]top/logout/admin-worker.js
-->
bemqorli[.]top/logout/route-sessionstore.php
-->
bemqorli[.]top/logout/signup-sandbox.js (clickfix)
-->
nivraxod[.]com/opo/call (HTA)

Monitor SG 1d ago

Detected #SmartApeSG infection chain

Compromised site
-->
bemqorli[.]top/logout/route-sessionstore.php
-->
bemqorli[.]top/logout/signup-sandbox.js (clickfix)
-->
nivraxod[.]com/opo/call (HTA)

Monitor SG 1d ago

Detected #SmartApeSG infection chain

Compromised site
-->
xartelvu[.]top/logout/route-sessionstore.php
-->
xartelvu[.]top/logout/signup-sandbox.js (clickfix)
-->
nivraxod[.]com/opo/call (HTA)

Monitor SG 1d ago

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/q (injected)
-->
xartelvu[.]top/logout/route-sessionstore.php
-->
xartelvu[.]top/logout/signup-sandbox.js (clickfix)
-->
nivraxod[.]com/opo/call (HTA)

Monitor SG 1d ago

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/q (injected)
-->
bruxelti[.]top/session/role-pipeline.php
-->
bruxelti[.]top/session/signin-component.js (clickfix)