Corporate collaboration platforms have officially moved to the top of the initial access broker playbook. A new technical report published by the ReliaQuest Threat Research Team has revealed an aggressive campaign targeting corporate networks via external chat features. The activity marks a significant shift in strategy for “KongTuke,” a financially motivated initial access broker (IAB) known for fueling downstream ransomware networks.
As the ReliaQuest team highlights in their intelligence briefing:
“Financially motivated initial access broker (IAB) ‘KongTuke’ has moved to external Microsoft Teams chats for initial access—the first time we’ve seen the group use a collaboration platform instead of its earlier web-only ‘ClickFix’ delivery.”
Historically, KongTuke established its footprint in the cyber underworld by hijacking vulnerable WordPress websites. They used these compromised sites to host highly effective “ClickFix” and “CrashFix” lures. These templates presented victims with fake browser crashes or deceptive CAPTCHA verification windows, tricking them into copying and executing a malicious PowerShell command to resolve the non-existent issue.
While that web-based infrastructure remains active, KongTuke’s pivot to enterprise messaging platforms represents a more direct, intimate threat vector. Threat actors are now actively masquerading as corporate help-desk staff or internal IT support representatives over external Microsoft Teams chat requests.
By exploiting standard corporate configurations that permit external tenant federation, the brokers reach straight into a target employee’s workspace. Because the interaction occurs inside a trusted collaborative interface, the user’s psychological defenses are severely lowered compared to traditional email phishing.
The resulting infection chain is alarmingly fast:
“Active since at least April 2026, the chain reaches persistent access within five minutes of a user pasting a single PowerShell command.”
Once the employee is tricked into running the paste-and-run command, KongTuke drops its proprietary, custom Python loader to handle the environment. The ultimate payload delivered by this loader is ModeloRAT, a highly resilient toolkit designed specifically to maintain an unbreakable foothold inside the enterprise network.
To stop defenders from containing the threat by removing any single component, the authors built an intricate redundancy layout directly into ModeloRAT’s core architecture:
“The ‘ModeloRAT’ toolkit that’s ultimately deployed is built to survive disruption, with three independent command-and-control (C2) paths on separate infrastructure as well as persistence spread across four triggers. This means cutting one channel or artifact still leaves access in place.”
The execution chain secures its persistence using a clever mix of multi-stage script packaging and subtle timing delays. The loader writes a standalone VBScript wrapper file named scriptA.vbs alongside a standard Windows Startup folder shortcut labeled StartManagerB.lnk under the user’s roaming application directory.
Every time the user logs on, the shortcut executes the VBScript wrapper, which in turn invokes the primary payload (Pmanager.py) leveraging a portable, bundled Python runtime engine (WPy64-31401) hidden in the filesystem.
To break automated endpoint inspection, the chain also incorporates a short delay:
“The added six-second delay before Python execution can help the chain survive shallow sandboxing and break simple detections that rely on correlating the persistence event with the follow-on RAT launch.”
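As an added illustration, not code from the ReliaQuest report or from this article, the Python below correlates the two ends of the persistence chain described above: a shortcut dropped into the user’s Startup folder, followed after a delay by a python.exe launch from inside the user profile. The log format, host names, user names, timestamps and the Program Files interpreter path are constructed for the example; the artefact names scriptA.vbs, StartManagerB.lnk, Pmanager.py and WPy64-31401 are the ones the report names. The point is the correlation window: a rule that expects the RAT launch within a second or two of the persistence event never fires against this chain, while a window of a couple of minutes does.

```python
import re
from dataclasses import dataclass
from datetime import datetime
from typing import List

# Constructed Sysmon-style telemetry, pipe-delimited as
# timestamp|kind|host|user|path|command line. Hosts, users, timestamps and the
# Program Files interpreter are invented for this example; the artefact names
# scriptA.vbs, StartManagerB.lnk, Pmanager.py and WPy64-31401 are the ones the
# report describes.
SAMPLE_LOG = r"""
2026-04-14T09:12:03Z|file_create|WS-042|CORP\jdoe|C:\Users\jdoe\AppData\Roaming\scriptA.vbs|
2026-04-14T09:12:03Z|file_create|WS-042|CORP\jdoe|C:\Users\jdoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StartManagerB.lnk|
2026-04-14T09:12:04Z|process_create|WS-042|CORP\jdoe|C:\Windows\System32\wscript.exe|wscript.exe "C:\Users\jdoe\AppData\Roaming\scriptA.vbs"
2026-04-14T09:12:10Z|process_create|WS-042|CORP\jdoe|C:\Users\jdoe\AppData\Roaming\WPy64-31401\python.exe|python.exe "C:\Users\jdoe\AppData\Roaming\Pmanager.py"
2026-04-14T09:12:30Z|process_create|WS-042|CORP\jdoe|C:\Program Files\Python312\python.exe|python.exe build.py
2026-04-14T09:15:00Z|file_create|WS-077|CORP\asmith|C:\Users\asmith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive.lnk|
"""

# A .lnk written into the per-user Startup folder (runs at every logon).
STARTUP_LNK = re.compile(
    r"\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\[^\\]+\.lnk$",
    re.IGNORECASE,
)
# python.exe / pythonw.exe running from anywhere under C:\Users\<name>\ rather
# than from a system-wide install location such as Program Files.
USER_PROFILE_PYTHON = re.compile(r"^C:\\Users\\[^\\]+\\.*\\pythonw?\.exe$", re.IGNORECASE)


@dataclass
class Event:
    ts: datetime
    kind: str
    host: str
    user: str
    path: str
    cmdline: str


@dataclass
class Alert:
    host: str
    user: str
    shortcut: str
    python_image: str
    python_cmdline: str
    delay_seconds: float


def parse_line(line: str) -> Event:
    ts, kind, host, user, path, cmdline = line.split("|", 5)
    return Event(datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), kind, host, user, path, cmdline)


def load_events(text: str) -> List[Event]:
    events = [parse_line(line) for line in text.strip().splitlines() if line.strip()]
    events.sort(key=lambda e: e.ts)
    return events


def is_startup_shortcut(ev: Event) -> bool:
    return ev.kind == "file_create" and STARTUP_LNK.search(ev.path) is not None


def is_user_profile_python(ev: Event) -> bool:
    return ev.kind == "process_create" and USER_PROFILE_PYTHON.match(ev.path) is not None


def correlate(events: List[Event], window_seconds: float) -> List[Alert]:
    """Pair each Startup-folder shortcut creation with the first python.exe
    launch from the same user's profile within window_seconds.

    The chain sleeps six seconds between dropping the persistence artefacts
    and starting the interpreter, so a one- or two-second window (the simple
    correlation the report says the delay defeats) never pairs the events;
    a window of a couple of minutes does, at the cost of a wider join."""
    alerts: List[Alert] = []
    for p in filter(is_startup_shortcut, events):
        for q in events:
            if q.host != p.host or q.user != p.user or not is_user_profile_python(q):
                continue
            delay = (q.ts - p.ts).total_seconds()
            if 0 <= delay <= window_seconds:
                alerts.append(Alert(p.host, p.user, p.path, q.path, q.cmdline, delay))
                break  # one alert per shortcut is enough
    return alerts


if __name__ == "__main__":
    evs = load_events(SAMPLE_LOG)
    for window in (2, 120):
        hits = correlate(evs, window)
        print(f"window={window:>3}s -> {len(hits)} alert(s)")
        for a in hits:
            print(f"  {a.host} {a.user}: {a.shortcut} -> {a.python_cmdline} after {a.delay_seconds:.0f}s")
```

Run as-is, the two-second window reports nothing and the 120-second window reports one alert for WS-042, pairing StartManagerB.lnk with the Pmanager.py launch seven seconds later; the Program Files interpreter on the same host is ignored because it is not running from the user profile, and the benign OneDrive shortcut on WS-077 has no Python follow-on. In a real SIEM the same join would run on Sysmon event IDs 11 and 1 (or the EDR equivalents) rather than this constructed format.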
The velocity of KongTuke’s initial access model leaves traditional security response structures in the dust. As ReliaQuest warns, “In practice, that leaves very little time for manual response. By the time a Teams message is reported and reviewed, the host may already be beaconing and persistent.”