How these Microsoft Teams group chat requests can be harmfulThe report claims that once the malware is installed on a victim’s system, it will reach out to its command-and-control server. This server has already been identified as part of DarkGate malware infrastructure by Palo Alto Networks, report Bleeping Computer.
As per the report, the hackers were able to push this phishing campaign as Microsoft allows Teams users to message other users by default.
AT&T Cybersecurity network security engineer Peter Boyle has warned: “Unless absolutely necessary for daily business use, disabling External Access in Microsoft Teams is advisable for most companies, as email is generally a more secure and more closely monitored communication channel. As always, end users should be trained to pay attention to where unsolicited messages are coming from and should be reminded that phishing can take many forms beyond the typical email.”
During its Q2 2023 earnings call, Microsoft announced that Teams has over 280 million monthly users. The popularity of the video calling service might be the reason for cybercriminals to use this platform for targeting victims.
With the latest phishing campaign, DarkGate operators are trying to push the malware through Microsoft Teams in attacks targeting organisations where admins haven’t secured its users by disabling the External Access setting.
In 2023, similar campaigns were discovered pushing the DarkGate malware via compromised external Office 365 accounts and Skype accounts.
What is DarkGateA Kaspersky report from 2023 also claims that the DarkGate malware has several capabilities. This includes a concealed VNC, tools to bypass Windows Defender, a browser history theft tool, an integrated reverse proxy, a file manager and a Discord token stealer.
The Times of India Gadgets Now awards: Cast your vote now and pick the best phones, laptops and other gadgets of 2023
end of article