Skip to content
The Nexus
SECURITYJun 25 · 08:54 UTCTHE HACKER NEWS[email protected] (The Hacker News)

New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns

A new backdoor named Mistic (MLTBackdoor) has been used in financially motivated attacks targeting organizations in insurance, education, IT, and professional services since April 2026. Symantec and Carbon Black's Threat Hunter Team linked it to an initial access broker named KongTuke and campaigns called ClickFix and ModeloRAT.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this
Related Signal

Adjacent reporting