NetSupportManager RAT

Also known as: NetSupport

Enigma Software notes that NetSupport Manager is a genuine application, which was first released about twenty years ago. The purpose of the NetSupport Manager tool is to enable users to receive remote technical support or provide remote computer assistance. However, cyber crooks have hijacked this useful application and misappropriated it to use it in their harmful campaigns. The name of the modified version of the NetSupport Manager has been labeled the NetSupport Manager RAT.

C2 Infrastructure

Hosting/VPS100%

Last 7 days

Apr 18, 2026

C2 Hosts: 12

Apr 15, 2026

C2 Hosts: 4

Apr 14, 2026

C2 Hosts: 1

Daily C2 host counts for the last 7 days
Date	C2 Hosts
Apr 18, 2026	12
Apr 15, 2026	4
Apr 14, 2026	1

Further Reading

GrayAlpha Unmasked: New FIN7-Linked Infrastructure, PowerNet Loader, and Fake Update Attacks

Insikt Group exposes GrayAlpha’s evolving infrastructure and infection methods—including PowerNet and MaskBat loaders, fake 7-Zip sites, and the undocumented TAG-124 network—linking the group to FI...

recordedfuture.com

Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs - Rewterz

Severity High Analysis Summary Microsoft stated that it is disabling the ms-appinstaller protocol handler again after various threat actors exploited it as an initial access vector to distribute ma...

Tracing the Path from SmartApeSG to NetSupport RAT | Team Cymru

Investigation reveals how SmartApeSG delivers NetSupport RAT, exposing links to RAT clusters, crypto services, and suspicious infrastructure. Learn more.

SmartApeSG walkthrough - ThreatDown by Malwarebytes

In this walkthrough, we test SmartApeSG, a malware campaign distributed via compromised sites.

New OpcJacker Malware Distributed via Fake VPN Malvertising

We discovered a new malware, which we named “OpcJacker” (due to its opcode configuration design and its cryptocurrency hijacking ability), that has been distributed in the wild since the second hal...