Microsoft warns of new malware threat spread through Teams
The threat actor is currently tracked with the identifier Storm-0324, and Microsoft says this hacker group has been active since 2016.
In a blog post, Microsoft's internal security research team revealed that this past July, 'Storm-0324 was observed delivering malicious payloads using an open source tool. to send phishing bait through Microsoft Teams chats." Further investigation, Microsoft found that the group had primarily distributed JSSLoader malware since 2019. This malware could then be used by another threat actor group called Sangria Tempest to infect target PCs with ransomware files:
Storm-0324's delivery chain begins with phishing emails that reference invoices or payments, and contain links to SharePoint sites that store ZIP archives. Microsoft is currently focused on identifying abuse, removing malicious activity, and implementing new proactive protections to prevent malicious actors from using services on the company's platforms.
Microsoft adds that these malicious emails can look like real, popular documents such as DocuSign, Quickbooks. In some cases, they also ask victims to enter security codes or passwords just like the real thing. to, make the victim lose his guard. The company said it has taken several measures to prevent these types of malware from being spread in Teams chats. For example, suspending accounts that have been confirmed to be involved in fraudulent activity.
Microsoft also listed a number of methods that companies currently using Teams can deploy to prevent and limit the risk of this new phishing attack. This includes allowing only known devices to connect to Teams, educating employees on phishing and malware attacks, and reviewing suspicious logins.
You should read it
- Warning: Phishing attacks targeting Microsoft Teams show signs of sharp increase
- Hackers break into chats on Microsoft Teams to spread malware
- Users should be wary of this Microsoft Teams security flaw
- 25% of 'over-the-counter' phishing emails are the default security of Office 365
- How to use Microsoft Teams to work remotely?
- How to Comfortably Transition from School Teams to Work Teams
- How to use Microsoft Teams online
- How to fix Microsoft Teams not loading or opening
- Link download Microsoft Teams 1.3.00.3564
- Microsoft urgently warns about a phishing campaign that uses malicious Excel macros to hack PCs
- How to prevent members from clicking each other out of a group in Microsoft Teams
- Microsoft lists many security and privacy features, Teams users should keep in mind
Maybe you are interested
Microsoft's official Windows 11 virtual machine is no longer available
How to remove Microsoft Edge on Windows 11
Microsoft makes major improvements to Windows Update, updates will be installed much faster
Microsoft Word or Google Docs is better for you?
Distinguishing Microsoft 365 and Office 2024
Microsoft's foldable smartphone won't have a crease