Intel Name: Kongtuke leads to infection abusing bionic
Date of Scan: January 16, 2025
Impact: High
Summary: KongTuke involves an injected script that causes associated websites to display fake “verify you are human” pages. These deceptive pages load the victim’s Windows clipboard with a malicious PowerShell script and provide detailed instructions, urging victims to paste and execute the script in a Run window. This tactic is part of a campaign commonly tracked as #KongTuke.
