The final payload is a remote access trojan named ModeloRAT, which enables attackers to collect information about the compromised system and execute other payloads.While Microsoft has not shared any information on the attacks, Huntress reported recently that a threat actor tracked as KongTuke had been deploying ModeloRAT through a ClickFix variant dubbedCrashFix. The campaign was aimed at corporate environments.Related:Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User DataRelated:RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on IndiaRelated:New ‘ZeroDayRAT’ Spyware Kit Enables Total Compromise of iOS, Android Devices

While Microsoft has not shared any information on the attacks, Huntress reported recently that a threat actor tracked as KongTuke had been deploying ModeloRAT through a ClickFix variant dubbedCrashFix. The campaign was aimed at corporate environments.Related:Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User DataRelated:RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on IndiaRelated:New ‘ZeroDayRAT’ Spyware Kit Enables Total Compromise of iOS, Android Devices

Related:Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User DataRelated:RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on IndiaRelated:New ‘ZeroDayRAT’ Spyware Kit Enables Total Compromise of iOS, Android Devices

Related:RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on IndiaRelated:New ‘ZeroDayRAT’ Spyware Kit Enables Total Compromise of iOS, Android Devices

Related:New ‘ZeroDayRAT’ Spyware Kit Enables Total Compromise of iOS, Android Devices

Eduard Kovacs (@EduardKovacs) is the managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Attendees will walk away with guidance for how to build robust identity defenses, unify them under a consistent security model, and ensure business operations move quickly without compromise.

SecurityWeek’s 2026 Ransomware Summit will discuss a roadmap for defending the enterprise, from mitigating root causes to mastering recovery, giving security teams the critical insights needed to navigate and neutralize today’s ransomware extortion threats.

OPSWAT has appointed Jan Miller as Chief Technology Officer (CTO).

Salesforce has named Iain Mulholland as Chief Information Security Officer.

Source: SecurityWeek