Lucene search
K

4 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2026/03/10 12:0 a.m.5 views

Through the Lens of MDR: Analysis of KongTuke’s ClickFix Abuse of Compromised WordPress Sites

Our analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access — through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the newer CrashFix...

5.8AI score
Exploits0
HackRead
HackRead
added 2026/01/20 6:1 p.m.8 views

ClickFix to CrashFix: KongTuke Used Fake Chrome Ad Blocker to Install ModeloRAT

Huntress discovers 'CrashFix,' a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware...

5.4AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/19 9:9 a.m.5 views

CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/08 4:43 p.m.8 views

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. "Site visitors get injected content that was drive-by malware like fake Cloudflare verification," Sucuri...

6.6AI score
Exploits0
Rows per page
Query Builder