A highly sophisticated malware campaign linked to the SmartApeSG threat actor (also known as ZPHP/HANEYMANEY) has been active since early 2024, leveraging compromised websites to distribute NetSupport RAT and StealC malware through deceptive browser update notifications.
The attackers have injected malicious JavaScript into legitimate websites, displaying deceptive warnings that claim a browser module in Chrome, Edge, or Firefox is outdated and needs an update.
To stay safe, always check for browser updates manually rather than clicking on pop-ups or website links, no matter how legitimate they appear.
- On Chrome: At the top right, click ⋮ > Help > About Google Chrome.
- On Edge: Click … > Help and feedback > About Microsoft Edge.
- On Firefox: Click ≡ > Help > About Firefox.
After updating, restart your browser to ensure the installation is complete. All browsers should be configured to update automatically.