ClickFix Campaign Uses New Technique to Deliver ModeloRAT Malware

A ClickFix campaign is using a new technique to trick users into executing malicious commands through a fake HTML error message. The attackers are abusing the nslookup (DNS lookup) command to download and execute ModeloRAT, a malware targeting Windows systems. The method bypasses defenses by exploiting hidden PowerShell scripts or batch files. ModeloRAT enables data theft, remote command execution, and persistence on the infected system. No specific date or geographic target is mentioned. Source: https://www.darkreading.com/endpoint-security/clickfix-attacks-dns-lookup-command-modelorat