SecTopRAT Malware — Analysis, Campaigns & Threat Activity

Threat entity extracted from intelligence sources

Frequency
4
occurrences
First Seen
November 27, 2025
Last Seen
May 26, 2026

SecTopRAT is a malware family tracked across 4 threat clusters and 4 intelligence report mentions on ThreatCluster. First observed November 27, 2025; most recent activity May 26, 2026.

Related Threat Clusters

  • ClearFake Campaign Uses Smart Contracts for C&C on BSC Testnet

    In May 2026, TrendAI™ Research reported on a cyber intrusion involving the ClearFake campaign, where threat actors utilized the EtherHiding technique to deliver payloads via smart contracts on the BNB Smart Chain…

    2 articles · Updated May 26, 2026
  • UK Retail Cyber Attacks Show No Seasonal Spike Amid Holiday Concerns

    Analysis of cybersecurity incidents in the UK retail and manufacturing sectors reveals that 1,381 breaches occurred between Q3 2024 and Q2 2025, with no significant concentration around major shopping events. Security…

    61 articles · Updated November 28, 2025
  • LummaStealer Infections Rise Following CastleLoader Campaigns

    LummaStealer infections have surged due to social engineering campaigns utilizing the ClickFix technique to distribute CastleLoader malware. This infostealer, operating as a malware-as-a-service platform, had previously…

    7 articles · Updated February 11, 2026
  • Cyber Monday 2025: Surge in Online Scams Targeting Shoppers

    As Cyber Monday approaches, online shoppers are facing increased risks from cybercriminals exploiting the surge in digital purchases. Security experts warn of fraudulent websites, phishing emails, and insecure payment…

    7 articles · Updated November 21, 2025

Recent Intelligence Reports

  • Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet — Trendmicro · May 26, 2026
  • Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet — Feeds.Trendmicro · May 26, 2026
  • LummaStealer infections surge after CastleLoader malware campaigns — Bleepingcomputer · February 11, 2026
  • From Amazon to Louis Vuitton: How Darktrace Detects Black Friday Phishing Attacks — Darktrace · November 27, 2025

CVSS v3.1 Breakdown