#modelorat

[ follow ]
#kongtuke #clickfix #dns-based-payload #chrome-extension-malware #traffic-distribution-system-tds
Information security
fromSecurityWeek
4 weeks ago

Microsoft Warns of ClickFix Attack Abusing DNS Lookups

Threat actors use a ClickFix variant to trick users into running commands that perform DNS-based second-stage execution and ultimately deploy ModeloRAT.
Information security
fromThe Hacker News
1 month ago

CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

KongTuke used a malicious Chrome extension masquerading as an ad blocker to deploy ModeloRAT and hand off compromised hosts to ransomware groups.
[ Load more ]