KongTuke hackers now use Microsoft Teams for corporate breaches
KongTuke IAB now exploits Microsoft Teams for social engineering, delivering ModeloRAT in under five minutes.
Summary
Initial access broker KongTuke has shifted tactics to use Microsoft Teams for social engineering attacks against corporate networks, impersonating IT staff to trick users into running malicious PowerShell commands. The attacks deliver ModeloRAT, a Python-based remote access trojan that establishes persistent access with a more resilient C2 design, multiple independent backdoor channels, and layered persistence mechanisms that may survive standard cleanup procedures. The campaign has been active since at least April 2026, with the threat actor rotating through multiple Microsoft 365 tenants to evade detection and blocking.
Full text
By Bill Toulas, May 14, 2026 08:12 AM

Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks.

The threat actor tricks users into pasting a PowerShell command that ultimately delivers ModeloRAT, which has previously been seen in ClickFix attacks [1, 2].

Initial access brokers (IABs) like KongTuke typically sell access to company networks to ransomware operators, who use it to deploy file-theft and data-encrypting malware.

Cybercriminals have increasingly adopted Microsoft Teams in attacks, reaching out to company employees while pretending to be IT and help-desk staff. The victims are convinced to run a malicious PowerShell command on their systems, which deploys the ModeloRAT malware.

[Image: The PowerShell command used in the observed attacks. Source: ReliaQuest]

ReliaQuest researchers observed this activity and say that it is a shift in tactics for KongTuke, which previously relied solely on web-based "FileFix" and "CrashFix" lures.

"This Teams activity, which appears to add to, rather than replace, that web-based approach, marks the first time we've seen KongTuke use a collaboration platform for initial access," explains ReliaQuest.

"In the incidents we investigated, a single external Teams chat moved the operator from cold outreach to a persistent foothold in under five minutes."

The campaign has been active since at least April 2026, with KongTuke rotating through five Microsoft 365 tenants to evade blocking, the researchers say.

To pass as internal IT support staff, the attacker uses Unicode whitespace tricks to make the sender's display name appear legitimate.

The malicious PowerShell command shared via Teams downloads a ZIP archive from Dropbox that contains a portable WinPython environment, which eventually launches the Python-based malware, ModeloRAT (Pmanager.py).
The malware collects system and user information, captures screenshots, and can exfiltrate files from the host filesystem.

ReliaQuest notes that the ModeloRAT version used in this recent campaign has evolved compared to what was seen in previous operations, mostly in three ways:

- A more resilient C2 architecture with a five-server pool, automatic failover, randomized URL paths, and self-update capability.
- Multiple independent access paths, including a primary RAT, a reverse shell, and a TCP backdoor, running on separate infrastructure to preserve access if one channel is disrupted.
- Expanded persistence mechanisms using Run keys, Startup shortcuts, VBScript launchers, and SYSTEM-level scheduled tasks that may survive standard cleanup procedures.

The researchers note that the scheduled task is not removed by the implant's self-destruct routine, which wipes the other persistence mechanisms, and that it persists through system reboots.

[Image: The persistent scheduled task. Source: ReliaQuest]

To defend against Teams-initiated attacks, it is recommended to restrict external Microsoft Teams federation using allowlists, which blocks these attempts at their start. Because the actor rotates tenants, blocking individual sender tenants after the fact is a losing race; an allowlist of approved partner domains does not need updating when the attacker moves. Additionally, administrators can use the indicators of compromise available in ReliaQuest's report to hunt for attacks, signs of compromise, and persistence artifacts.
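The persistence locations listed above (Run keys, Startup folder shortcuts and scripts, scheduled tasks running as SYSTEM) and the pasted PowerShell command are all things a responder can enumerate locally on a suspect host. The script below is an added example written for this page; it is not code from ReliaQuest's report or from the article. The keyword list is an assumption derived from the chain the article describes (a Dropbox-hosted ZIP, a portable WinPython environment, Pmanager.py, VBScript launchers), and the 30-day window for the script-block log is an arbitrary choice; replace both with the hashes, paths and dates from the vendor's IoC list when hunting for real.

```powershell
# Added example: local triage of the persistence locations named in the article.
# $Keywords is an assumption; extend it with the vendor's published indicators.
$Keywords = @('python', 'winpython', 'pmanager', 'wscript', 'cscript', '\.vbs\b', 'dropbox')

function Test-Suspicious {
    param([string]$Text)
    if ([string]::IsNullOrWhiteSpace($Text)) { return $false }
    foreach ($k in $Keywords) { if ($Text -imatch $k) { return $true } }
    return $false
}

function New-Finding {
    param([string]$Source, [string]$Location, [string]$Command, [string]$Note = '')
    [pscustomobject]@{ Source = $Source; Location = $Location; Command = $Command; Note = $Note }
}

$findings = New-Object System.Collections.Generic.List[object]

# 1. Run / RunOnce keys for the machine and the current user.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($prop in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($prop.Name -like 'PS*') { continue }   # skip PowerShell's own provider metadata
        if (Test-Suspicious ([string]$prop.Value)) {
            $findings.Add((New-Finding 'RunKey' "$key\$($prop.Name)" ([string]$prop.Value)))
        }
    }
}

# 2. Startup folders (per-user and all-users): loose script launchers, and .lnk
#    shortcuts whose resolved target or arguments match.
$shell = New-Object -ComObject WScript.Shell
$startupFolders = @([Environment]::GetFolderPath('Startup'), [Environment]::GetFolderPath('CommonStartup'))
foreach ($folder in $startupFolders) {
    if (-not (Test-Path $folder)) { continue }
    foreach ($item in Get-ChildItem -Path $folder -File) {
        if ($item.Extension -ieq '.lnk') {
            $lnk = $shell.CreateShortcut($item.FullName)
            $cmd = "$($lnk.TargetPath) $($lnk.Arguments)"
            if (Test-Suspicious $cmd) { $findings.Add((New-Finding 'StartupShortcut' $item.FullName $cmd)) }
        } elseif ($item.Extension -imatch '^\.(vbs|vbe|js|cmd|bat|ps1)$') {
            $head = (Get-Content -Path $item.FullName -TotalCount 5 -ErrorAction SilentlyContinue) -join ' '
            $findings.Add((New-Finding 'StartupScript' $item.FullName $head 'script file in Startup folder'))
        }
    }
}

# 3. Scheduled tasks: report any task whose action matches, and note when it runs
#    as SYSTEM, since that is the artifact the self-destruct routine leaves behind.
foreach ($task in Get-ScheduledTask) {
    $cmd = ($task.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)" }) -join ' ; '
    if (Test-Suspicious $cmd) {
        $principal = [string]$task.Principal.UserId
        $note = if ($principal -in @('SYSTEM', 'S-1-5-18', 'NT AUTHORITY\SYSTEM')) { 'runs as SYSTEM' } else { "runs as $principal" }
        $findings.Add((New-Finding 'ScheduledTask' "$($task.TaskPath)$($task.TaskName)" $cmd $note))
    }
}

# 4. PowerShell script-block logs (event 4104): the pasted command that fetched the
#    ZIP from Dropbox. Only present if script block logging is enabled on the host.
$filter = @{ LogName = 'Microsoft-Windows-PowerShell/Operational'; Id = 4104; StartTime = (Get-Date).AddDays(-30) }
foreach ($e in @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)) {
    if ($e.Message -imatch 'dropbox' -and $e.Message -imatch 'expand-archive|python|\.zip') {
        $snippet = $e.Message.Substring(0, [Math]::Min(200, $e.Message.Length))
        $findings.Add((New-Finding 'ScriptBlockLog' $e.TimeCreated.ToString('s') $snippet 'event 4104'))
    }
}

$findings | Format-Table -AutoSize -Wrap
```

Run it in an elevated session so HKLM keys and all scheduled tasks are readable. A match in section 3 with the note "runs as SYSTEM" is the finding to prioritise: per the article, the implant's own cleanup removes the Run key, Startup and VBScript entries but leaves the scheduled task, so a host that looks clean elsewhere can still have it.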
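The federation allowlist recommended above is a tenant-level setting in the Microsoft Teams PowerShell module. The commands below are an added example for this page, not configuration from the article or from ReliaQuest; the two partner domains are placeholders, and the module must be installed and connected with a Teams administrator role.

```powershell
# Added example: move Teams external access from "allow all" to an explicit allowlist.
# Requires: Install-Module MicrosoftTeams; Teams administrator role.
# The partner domains are placeholders; list only the domains that must chat with your users.
Connect-MicrosoftTeams

$partners = @('partner-one.example', 'partner-two.example')
$domainPatterns = $partners | ForEach-Object { New-CsEdgeDomainPattern -Domain $_ }
$allowList = New-CsEdgeAllowList -AllowedDomain $domainPatterns

Set-CsTenantFederationConfiguration `
    -AllowFederatedUsers $true `
    -AllowedDomains $allowList `
    -AllowPublicUsers $false `
    -AllowTeamsConsumer $false `
    -AllowTeamsConsumerInbound $false

# Confirm the result: AllowedDomains should show the allowlist, not "AllowAllKnownDomains".
Get-CsTenantFederationConfiguration |
    Select-Object AllowFederatedUsers, AllowedDomains, AllowPublicUsers, AllowTeamsConsumer, AllowTeamsConsumerInbound
```

With this in place a chat request from any of the attacker's rotating Microsoft 365 tenants is refused before the user sees a message, and switching to a sixth tenant gains the actor nothing. Disabling consumer (personal Teams) and Skype public-user access closes the equivalent inbound paths that an allowlist of business domains does not cover. Note that the setting changes nothing about messages from an allowlisted partner whose own tenant is compromised, so the user-facing training about pasted PowerShell commands still matters.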
Indicators of Compromise
- malware — ModeloRAT
- technique — ClickFix