25 Jun Microsoft says this new malware could bankrupt your business
Microsoft says this new malware could bankrupt your business
Cybersecurity experts at Microsoft are warning Office users of an elaborate new malware campaign that involves fake subscriptions, and fraudulent call centers.
Researchers at Microsoft Security Intelligence (MSI), who are actively tracking the campaign dubbed BazaCall, warn that the eventual goal of the threat actors is to deploy ransomware.
“We’re tracking an active BazaCall malware campaign leading to human-operated attacks and ransomware deployment,” MSI shared via its official Twitter account.
Ongoing campaign
Unraveling the modus operandi of the attack, MSI notes that inspired by a traditional tech-support scam, the campaign first uses emails to lure recipients to ring up a number to cancel their supposed subscription to a particular service.
Engaging with the threat actors on the other side of the fraudulent call center, the unsuspecting user is then instructed to download an Excel file in order to cancel the service. MSI says that this Excel file contains a malicious macro that downloads the BazaLoader malware.
MSI says that while Microsoft 365 Defender is equipped to identify and defend against such spurious emails, it is the lack of any tell-tale malicious elements in the emails that is currently proving to be a challenge.
Even as they continue to study and understand the ongoing campaign in detail, the MSI team has shared advanced hunting queries to help IT and cybersecurity staff to identify signs of the campaign, including the fraudulent emails, in order to nip the attack in the bud itself.
Managing your IT landscape so you don’t have to
We are a Cloud services provider, so we understand the apprehension that many feel before making the leap to Cloud computing. We take the reins when conducting your transition, allowing your company to enjoy the advanced opportunities it has to offer. We are proud to provide top quality services to our customers, preventing business disruption that can be caused by tech problems. We can assist you in deciding what approach is best for you, a full transition to Cloud computing and all the positives that come with it, an on-premise managed solution, or a hybrid of the two – whatever the case we will be sure to establish the right solution for you. Alongside our expertise in Cloud computing, our experienced and knowledgeable team at Apogee Solutions perform proactive monitoring of servers and workstations, fixing problems remotely, and dealing with security issues.
Get in contact now and see how – with the right tools, and education around their use – you and your team can take your next step into the future of IT.
Source: https://www.techradar.com/