Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Malware found in Microsoft Teams

published on 2023-09-26 13:47:59 UTC by philviles
Content:

Researchers have reported a new phishing campaign targeting Microsoft Teams messages that sends malicious attachments which lead to the DarkGate loader malware being downloaded.

The malware, used since 2017, was identified in August after MS Teams users reported suspicious phishing messages sent by external accounts. The messages were HR-related (pertaining to annual leave changes) and coaxed users to open a ZIP file to check the “changes”.

The ZIP file is hosted on a SharePoint domain and contains an .LNK file masquerading as a PDF document.

After analysis, researchers found that the file contained malicious VBScript which would start the infection chain resulting in the DarkGate malware payload being deployed.

The malware was initially only used by the developer but has recently been seen for rent online. The author has been seen selling access to the malware to a limited ten people, for a price ranging from $1000 for one day, $15,000 for a month, or $100,000 for a year’s subscription.

The malware supports a number of activities including crypto mining, keylogging, information stealing and remote access.

The recent increase in activity related to this malware may be due to the uptake of affiliates buying access to it.

Phishing within Microsoft Teams, however, is not new. Researchers from JumpSec, a cyber security consulting company, reported a bug within Teams which allows malware to bypass security controls.

Phishing remains a primary attack vector for threat actors with over 3 billion malicious emails sent every day.

Combined with this, malware loaders are a becoming increasingly common. Users of Teams should exercise caution to unexpected or unusual messages and pay close attention to the senders and content before interacting with links or attachments.


Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).


Article: Malware found in Microsoft Teams - published about 1 year ago.

https://www.emcrc.co.uk/post/malware-found-in-microsoft-teams   
Published: 2023 09 26 13:47:59
Received: 2023 09 26 14:06:59
Feed: The Cyber Resilience Centre for the East Midlands
Source: National Cyber Resilience Centre Group
Category: News
Topic: Cyber Security
Views: 1

Custom HTML Block

Click to Open Code Editor