Through the Lens of MDR: Analysis of KongTuke’s ClickFix Abuse of Compromised WordPress Sites
Trend Micro Simply Security
2026-03-10 08:00:00
收藏
Our analysis of an active KongTuke campaign deploying modeloRAT — malware capable of reconnaissance, command execution, and persistent access — through compromised WordPress sites and fake CAPTCHA lures shows that the group still operates this delivery chain in parallel with the newer CrashFix technique.
目录
最新
- U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026
- Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
- Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
- TrendAI Insight: New U.S. National Cyber Strategy
- TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats
- Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads
- The Real Risk of Vibecoding
- TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM