SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

18:12 - 17 Feb 2026
thehackernews.com
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to deliver an information stealer known as StealC. "The threat actors cloned a legitimate Oura MCP Server – a tool that connects AI assistants to Oura Ring health data – and built a deceptive
https://thehackernews.com/2026/02/smartloader-attack-uses-trojanized-oura.html

Article info: