TECH NEWS

Woodgnat Hackers Use Mistic RAT to Broker Access for Ransomware Gangs

https://hackread.com/wp-content/uploads/2026/06/woodgnat-hackers-mistic-rat-access-ransomware-gangs-1024x597.jpg

A newly discovered remote access Trojan (RAT) called Backdoor.Mistic (Mistic backdoor), tracked by Zscaler as MLTBackdoor, is helping hackers infiltrate corporate networks. Detected in April 2026, this RAT is used by a specific group to set up hidden entry points inside businesses. Instead of disrupting systems themselves, these actors operate as brokers, selling network access to major ransomware operations.

Security firms like Broadcom’s Symantec team, Carbon Black, Zscaler, and ThaiCert have been tracking this activity. They linked the campaign to a group active since May 2024 known as Woodgnat hackers (aka KongTuke).

Woodgnat hackers, who also deploy a tool called ModeloRAT, act as a middleman for ransomware networks like Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta. The group hits schools, insurance firms, and IT services at random just to find any opportunity to profit.

Sneaky tricks on web browsers and Teams

...

Copyright of this story solely belongs to hackread.com. To see the full text click HERE

Read more

https://static01.nyt.com/images/2026/06/26/multimedia/26biz-meta-polymark-1-ztlv/26biz-meta-polymark-1-ztlv-facebookJumbo.jpg

Sources: Zuckerberg urged execs to explore Polymarket and Kalshi partnerships, as the Arena prediction app targets 100M monthly active “predictors” aged 18-34

Sponsor Posts Fast, affordable law for startups — Soxton automates startup legal so founders can move faster and sleep better. We handle incorporation, advisor, employment and commercial contracts. Join the waitlist for early access! Stop vibe coding analytics — Equals AI turns questions about your business into auditable spreadsheet models and dashboards.