Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks. […]
Tag: KongTuke
AI, Global Security News, malware
Through the Lens of MDR: Analysis of KongTuke’s ClickFix Abuse of Compromised WordPress Sites
Our analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access — through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the newer CrashFix technique.