#dns-based-payload

#dns-based-payload

Threat actors use a ClickFix variant to trick users into running commands that perform DNS-based second-stage execution and ultimately deploy ModeloRAT.