Mastodawn

Detected #SmartApeSG infection chain

Compromised site
-->
coralwayfinder[.]top/status/secure-template
-->
coralwayfinder[.]top/status/signin-dom.js (clickfix)

Monitor SG 17h ago

Detected #SmartApeSG infection chain

Compromised site
-->
divinenarratives[.]org/d.js (injected)
-->
velvetcrossing[.]top/profile/callback-schema.js
-->
velvetcrossing[.]top/profile/private-sessionstore
-->
velvetcrossing[.]top/profile/logout-state.js (clickfix)

Monitor SG 21h ago

Detected #SmartApeSG infection chain

Compromised site
-->
spaceco[.]com/rkc (injected)
-->
cobaltmeadow[.]top/profile/callback-schema.js
-->
cobaltmeadow[.]top/profile/private-sessionstore
-->
cobaltmeadow[.]top/profile/logout-state.js (clickfix)

Monitor SG 23h ago

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/meta.google.com (injected)
-->
cobaltmeadow[.]top/profile/callback-schema.js
-->
cobaltmeadow[.]top/profile/private-sessionstore
-->
cobaltmeadow[.]top/profile/logout-state.js (clickfix)

Monitor SG 1d ago

Detected #SmartApeSG infection chain

Compromised site
-->
cobaltmeadow[.]top/profile/private-sessionstore
-->
cobaltmeadow[.]top/profile/logout-state.js (clickfix)

Monitor SG 1d ago

Detected #SmartApeSG infection chain

Compromised site
-->
ibharcan[.]com/q (injected)
-->
velvetcrossing[.]top/profile/callback-schema.js
-->
velvetcrossing[.]top/profile/private-sessionstore
-->
velvetcrossing[.]top/profile/logout-state.js (clickfix)

Monitor SG 1d ago

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/d.js (injected)
-->
cobaltmeadow[.]top/profile/callback-schema.js
-->
cobaltmeadow[.]top/profile/private-sessionstore
-->
cobaltmeadow[.]top/profile/logout-state.js (clickfix)

Monitor SG 1d ago

Detected #SmartApeSG infection chain

Compromised site
-->
divinenarratives[.]org/d.js (injected)
-->
ivoryharvest[.]top/refresh/legacy-layout.js
-->
ivoryharvest[.]top/refresh/login-fetch
-->
ivoryharvest[.]top/refresh/oauth-thread.js (clickfix)

Monitor SG 2d ago

Detected #SmartApeSG infection chain

Compromised site
-->
cpajoliette[.]com/d.js (injected)
-->
ivoryharvest[.]top/refresh/legacy-layout.js
-->
ivoryharvest[.]top/refresh/login-fetch
-->
ivoryharvest[.]top/refresh/oauth-thread.js (clickfix)

OTX Bot 2d ago

SmartApeSG Launches Okendo Reviews Supply Chain Attack

Security researcher ThreatLabz has identified a supply chain attack involving a popular customer review platform, known as Okendo Reviews, which has been compromised by the SmartApeSG threat actor, who used JavaScript to deliver malware.

Pulse ID: 6a38d580a99b572f5909f029
Pulse Link: https://otx.alienvault.com/pulse/6a38d580a99b572f5909f029
Pulse Author: CyberHunter_NL
Created: 2026-06-22 06:26:08

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Java #JavaScript #Malware #OTX #OpenThreatExchange #SmartApeSg #SupplyChain #ThreatLabz #bot #CyberHunter_NL

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange