Reputation Hijacking With JamPlus: A Maneuver To Bypass Smart App Control (SAC)
The initial infection involves downloading a malicious package containing a legit CapCut app, JamPlus utility, and a malicious script. The script triggers the download and execution of the final payload from a remote server.