Our analysis of an active KongTuke campaign deploying modeloRAT β malware capable of reconnaissance, command execution, and persistent access β through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the newer CrashFix technique.
Login
