Uncovering Cyber Threat Networks: SmartApeSG & NetSupport RAT
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
This investigation explores the connections between SmartApeSG, a FakeUpdate threat, and NetSupport RAT. Through analysis of Internet telemetry data, the research uncovered related C2 management hosts, active NetSupport RAT servers, and cross-connections to suspicious infrastructure. Key findings include the identification of Moldovan IPs used for C2 management, an active NetSupport RAT cluster with old C2s still receiving victim communication, and potential links between SmartApeSG and NetSupport RAT infrastructures. The investigation also revealed connections to Quasar RAT and cryptocurrency-related activities. The research demonstrates how pivoting through Internet telemetry data can uncover complex threat actor infrastructures and their persistent evolution.
OPENCTI LABELS :
socgholish,netsupport rat,cryptocurrency,quasar rat,fakeupdate,clearfake,smartapesg,c2 infrastructure,moldovan ips,pivoting analysis,landupdate808,ispmanager,lycantrox
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Uncovering Cyber Threat Networks: SmartApeSG & NetSupport RAT