Lucene search
K

4 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2026/03/10 12:0 a.m.5 views

Through the Lens of MDR: Analysis of KongTuke’s ClickFix Abuse of Compromised WordPress Sites

Our analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access — through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the newer CrashFix...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/16 1:9 p.m.10 views

ClickFix added nslookup commands to its arsenal for downloading RATs

ClickFix malware campaigns are all about tricking the victim into infecting their own machine. Apparently, the criminals behind these campaigns have figured out that mshta and Powershell commands are increasingly being blocked by security software, so they have developed a new method using...

6.1AI score
Exploits0
HackRead
HackRead
added 2026/01/20 6:1 p.m.8 views

ClickFix to CrashFix: KongTuke Used Fake Chrome Ad Blocker to Install ModeloRAT

Huntress discovers 'CrashFix,' a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware...

5.4AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/19 9:9 a.m.5 views

CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a...

6.5AI score
Exploits0
Rows per page
Query Builder