KongTuke Leverages Microsoft Teams for Rapid Corporate Network Breaches
Initial access broker **KongTuke** has shifted its tactics, now utilizing **Microsoft Teams** for social engineering attacks that can establish persistent access to corporate networks in under five minutes. The threat actor deceives users into executing a malicious PowerShell command, ultimately deploying the **ModeloRAT** malware.

Cybercriminals are increasingly exploiting **Microsoft Teams** to target employees, impersonating IT and help desk staff. **KongTuke**, known for selling network access to ransomware operators, has adopted this method to swiftly gain a foothold within organizations.
### The Attack Vector
The attack involves convincing victims to run a malicious PowerShell command, which downloads and executes the "ModeloRAT" malware.

*The PowerShell command used in the observed attacks. Source: ReliaQuest*
Researchers at **ReliaQuest** have observed this shift in tactics, noting that **KongTuke** previously relied on web-based "FileFix" and "CrashFix" lures. According to **ReliaQuest**, "This Teams activity, which appears to add to, rather than replace, that web-based approach, marks the first time we've seen KongTuke use a collaboration platform for initial access."
### Campaign Details
The campaign has been active since at least April 2026, with **KongTuke** rotating through five **Microsoft 365** tenants to evade detection. To impersonate internal IT support, the attacker uses Unicode whitespace tricks to make the display name appear legitimate.
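The display-name trick described above works because padding or splitting a name with characters that render as blank survives a casual glance but not a normalizing comparison. The following PowerShell function is an added example, not code from the ReliaQuest report: it flags names that contain invisible Unicode code points, leading or trailing whitespace, or repeated whitespace, then normalizes the name and checks whether the cleaned-up form impersonates an IT role. The role-word list and the sample names are assumptions constructed for this example.

```powershell
# Added example, not code from the ReliaQuest report: flag Microsoft Teams display
# names padded with Unicode whitespace or invisible characters so that an external
# account reads like an internal IT or help desk contact. The role-word list and the
# sample names are assumptions constructed for this example.
function Test-SpoofedDisplayName {
    param([Parameter(Mandatory)][string]$DisplayName)

    # Code points that render as blank (or not at all) but survive an exact-match
    # comparison against the genuine account name.
    $invisible = '[\u00A0\u1680\u2000-\u200F\u2028\u2029\u202F\u205F\u2060\u3000\uFEFF]'
    # Role words an impersonator would want the name to carry (assumed list).
    $roleWords = 'IT\s*Support|Help\s*Desk|Service\s*Desk|IT\s*Security'

    $reasons = [System.Collections.Generic.List[string]]::new()
    if ($DisplayName -match $invisible)       { $reasons.Add('invisible-unicode') }
    if ($DisplayName -ne $DisplayName.Trim())  { $reasons.Add('leading-or-trailing-space') }
    if ($DisplayName -match '\s{2,}')          { $reasons.Add('repeated-whitespace') }

    # Normalise for comparison: NFKC folds compatibility characters, then every
    # invisible code point becomes an ordinary space and runs of spaces collapse.
    $normalized = $DisplayName.Normalize([System.Text.NormalizationForm]::FormKC)
    $normalized = (($normalized -replace $invisible, ' ') -replace '\s+', ' ').Trim()
    if ($reasons.Count -gt 0 -and $normalized -match $roleWords) {
        $reasons.Add('impersonates-it-role')
    }

    [pscustomobject]@{
        DisplayName = $DisplayName
        Normalized  = $normalized
        Suspicious  = ($reasons.Count -gt 0)
        Reasons     = ($reasons -join ',')
    }
}

# Constructed sample names: the first is a genuine internal account, the rest are
# padded or split with characters that are invisible in the Teams chat header.
$samples = @(
    'IT Support',
    "IT Support$([char]0x2003)$([char]0x2003)",   # trailing em spaces
    "IT$([char]0x200B) Support",                  # zero-width space inside the name
    "Help Desk$([char]0x00A0)"                    # trailing no-break space
)
$samples | ForEach-Object { Test-SpoofedDisplayName -DisplayName $_ } | Format-Table -AutoSize
```

The genuine name produces no reasons; each padded variant is flagged on the raw string, and once normalized all three collapse to the same role words, which is the comparison a tenant-side alert or a user-facing banner should be built on rather than the raw display name.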
The malicious PowerShell command downloads a ZIP archive from **Dropbox** containing a portable WinPython environment, which then launches the Python-based ModeloRAT (Pmanager.py).
### ModeloRAT Capabilities
The malware collects system and user information, captures screenshots, and can exfiltrate files. **ReliaQuest** highlights several key evolutions in the ModeloRAT version used in this campaign:
1. **Resilient C2 Architecture:** A five-server pool, automatic failover, randomized URL paths, and self-update capability.
2. **Multiple Access Paths:** A primary RAT, a reverse shell, and a TCP backdoor, running on separate infrastructure.
3. **Expanded Persistence:** Run keys, Startup shortcuts, VBScript launchers, and SYSTEM-level scheduled tasks.

*The persistent scheduled task. Source: ReliaQuest*
Notably, the scheduled task isn't removed by the implant's self-destruct routine, allowing it to persist through system reboots.
### Mitigation Strategies
To defend against Teams-initiated attacks, restricting external **Microsoft Teams** federation to an allowlist of trusted domains is recommended, as this blocks the initial contact from attacker-controlled tenants. Administrators should also use the indicators of compromise (IOCs) in **ReliaQuest's** report to proactively hunt for signs of compromise and for the persistence artifacts described above.
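The hunting half of that advice maps directly onto the persistence mechanisms the report lists: SYSTEM-level scheduled tasks, Run keys, and Startup shortcuts or script launchers. The PowerShell below is an added example, not code from the ReliaQuest report, that sweeps one Windows host for those three locations and reports entries that invoke a script interpreter, or point into user-writable paths where a dropped portable Python environment would sit. The interpreter names and path patterns are assumptions chosen to fit the described tradecraft, not IOCs from the report.

```powershell
# Added example, not code from the ReliaQuest report: hunt one Windows host for the
# persistence mechanisms listed above (SYSTEM scheduled tasks, Run keys, Startup
# shortcuts and script launchers). The interpreter names and user-writable path
# patterns are assumptions chosen to fit the described tradecraft, not IOCs from the
# report; pair them with the report's IOCs for an actual hunt. Run elevated so every
# task and the HKLM hives are readable.

# Locations where a dropped portable Python environment would normally sit (assumed).
$userWritable = '\\AppData\\|\\Temp\\|\\Users\\Public\\|\\ProgramData\\|\\Downloads\\'
# Interpreters a Python-based implant or its VBScript/PowerShell launcher would call.
$interpreters = 'python(w)?\.exe|wscript\.exe|cscript\.exe|powershell\.exe|pwsh\.exe'

$findings = [System.Collections.Generic.List[object]]::new()
function Add-Finding($Type, $Name, $RunsAs, $Detail) {
    $findings.Add([pscustomobject]@{ Type = $Type; Name = $Name; RunsAs = $RunsAs; Detail = $Detail })
}

# 1. Scheduled tasks whose action runs an interpreter out of a user-writable path.
#    The RunsAs column shows the principal; SYSTEM is the pattern described for ModeloRAT.
foreach ($task in Get-ScheduledTask) {
    foreach ($action in $task.Actions) {
        $cmd = "$($action.Execute) $($action.Arguments)"
        if ($cmd -match $interpreters -and $cmd -match $userWritable) {
            Add-Finding 'ScheduledTask' "$($task.TaskPath)$($task.TaskName)" $task.Principal.UserId $cmd
        }
    }
}

# 2. Run / RunOnce keys for the machine and the current user.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $value = [string]$item.GetValue($name)
        if ($value -match $interpreters -or $value -match $userWritable) {
            Add-Finding 'RunKey' "$key\$name" 'n/a' $value
        }
    }
}

# 3. Startup folders: any script launcher, or a shortcut whose target is an interpreter.
$startupDirs = @(
    "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup",
    "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp"
)
$wsh = New-Object -ComObject WScript.Shell
foreach ($dir in $startupDirs) {
    foreach ($file in Get-ChildItem -Path $dir -File -ErrorAction SilentlyContinue) {
        $detail = $file.FullName
        if ($file.Extension -eq '.lnk') {
            # Resolve the shortcut so the real target and arguments are inspected.
            $lnk = $wsh.CreateShortcut($file.FullName)
            $detail = "$($lnk.TargetPath) $($lnk.Arguments)"
        }
        if (($file.Extension -in @('.vbs', '.js', '.bat', '.cmd', '.ps1')) -or ($detail -match $interpreters)) {
            Add-Finding 'Startup' $file.FullName 'n/a' $detail
        }
    }
}

if ($findings.Count -eq 0) { 'No matching persistence artifacts found.' }
else { $findings | Format-Table -AutoSize -Wrap }
```

Because the report notes that the scheduled task survives the implant's own self-destruct routine, a host that otherwise looks clean can still show a hit in the first section; treat a SYSTEM task launching `pythonw.exe` from a profile directory as the highest-priority finding. The tenant-side half of the mitigation, the federation allowlist, is configured separately with the Teams PowerShell module's `Set-CsTenantFederationConfiguration` cmdlet and its allowed-domains parameters, and is not part of this host-level script.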