Found 3 bookmarks
Custom sorting
DarkGate Opens Organizations for Attack via Skype, Teams
DarkGate Opens Organizations for Attack via Skype, Teams
From July to September, we observed the DarkGate campaign (detected by Trend Micro as TrojanSpy.AutoIt.DARKGATE.AA) abusing instant messaging platforms to deliver a VBA loader script to victims. This script downloaded and executed a second-stage payload consisting of a AutoIT scripting containing the DarkGate malware code. It’s unclear how the originating accounts of the instant messaging applications were compromised, however is hypothesized to be either through leaked credentials available through underground forums or the previous compromise of the parent organization.
#trendmicro#EN#2024#malware#DarkGate#Skype#Teams
·trendmicro.com·
DarkGate Opens Organizations for Attack via Skype, Teams
DarkGate malware delivered via Microsoft Teams - detection and response
DarkGate malware delivered via Microsoft Teams - detection and response
While most end users are well-acquainted with the dangers of traditional phishing attacks, such as those delivered via email or other media, a large proportion are likely unaware that Microsoft Teams chats could be a phishing vector. Most Teams activity is intra-organizational, but Microsoft enables External Access by default, which allows members of one organization to add users outside the organization to their Teams chats. Perhaps predictably, this feature has provided malicious actors a new avenue by which to exploit untrained or unaware users.
#cybersecurity.att.com#EN#2024#Microsoft#Teams#phishing#malware
·cybersecurity.att.com·
DarkGate malware delivered via Microsoft Teams - detection and response