SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Briefly

"'The threat actors cloned a legitimate Oura MCP Server - a tool that connects AI assistants to Oura Ring health data - and built a deceptive infrastructure of fake forks and contributors to manufacture credibility,' Straiker's AI Research (STAR) Labs team said in a report shared with The Hacker News. The end game is to leverage the trojanized version of the Oura MCP server to deliver the StealC infostealer, allowing the threat actors to steal credentials, browser passwords, and data from cryptocurrency wallets."
"SmartLoader, first highlighted by OALABS Research in early 2024, is a malware loader that's known to be distributed via fake GitHub repositories containing artificial intelligence (AI)-generated lures to give the impression that they are legitimate. In an analysis published in March 2025, Trend Micro revealed that these repositories are disguised as game cheats, cracked software, and cryptocurrency utilities, typically coaxing victims with promises of free or unauthorized functionality to make them download ZIP archives that deploy SmartLoader."
Threat actors cloned a legitimate Oura MCP server and built fake forks, contributors, and repositories to create credibility. They trojanized the MCP server to deliver the StealC infostealer, enabling theft of credentials, browser passwords, and cryptocurrency wallet data. The campaign leverages SmartLoader, a malware loader distributed through fake GitHub repositories using AI-generated lures. Repositories are disguised as game cheats, cracked software, and cryptocurrency utilities to coax victims into downloading ZIP archives that deploy SmartLoader. Actors submitted trojanized servers to MCP registries like MCP Market and kept listings active to exploit platform trust and lure downloads.
Read at The Hacker News