ADVERTISEMENT

KongTuke’s CrashFix campaign uses fake Chrome adblocker to deploy ModeloRAT

A worker searching for an adblocker ended up installing malware instead after threat actor KongTuke pushed a fake Chrome extension that hijacked the browser, causing repeated crashes and baiting users into running malicious commands.

malware, hackers

Image by Cybernews.

Ann-Marie Corvin
Ann-Marie Corvin Senior Journalist
Jan 20, 2026 Updated: 21 January 2026 2 min read
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.
ADVERTISEMENT

Perpetual infection loop frustrates user into clicking on fixes

KongTuke’s CrashFix campaign demonstrates how threat actors continue to evolve their social engineering tactics. By impersonating a trusted open-source project, crashing the user’s browser on purpose, and then offering a fake fix, they have built a self-sustaining infection loop that preys on user frustration.”
Huntress

ADVERTISEMENT