KongTuke

Nation: N/A · 2 tracked threat(s) · Categories: MALWARE, PHISHING

Also known as: TAG-124, LandUpdate808, Chaya_002, KongTuke

Tracked threats

KongTuke ClickFix Campaign — ModeloRAT Deployment via Compromised WordPress Sites and CrashFix Browser Extension — HIGH
ClickFix Evolution — nslookup DNS Smuggling + CrashFix Browser DoS + ModeloRAT Python RAT, KongTuke Actor, Enterprise Domain-Joined Targeting — HIGH

Full actor intelligence — infrastructure, IOCs, detection coverage and operator fingerprints — is available via the Threadlinqs MCP server (Purple tier). View plans →

Threadlinqs Intelligence