Wednesday, November 20, 2024
Homecyber securityNews Malspam Attacks AnyDesk and Microsoft Teams

News Malspam Attacks AnyDesk and Microsoft Teams

Published on

Cybersecurity researchers have uncovered a sophisticated malspam campaign targeting unsuspecting users through email and phone calls.

Attackers are leveraging popular platforms like AnyDesk and Microsoft Teams to gain unauthorized access to victims’ computers, raising alarms about cybercriminals’ evolving tactics.

The Attack Methodology

The campaign begins with an email bombardment, commonly referred to as an “email bomb,” which is designed to overwhelm the victim’s inbox and obscure the malicious intent. Following this digital assault, the attackers initiate a phone call via Microsoft Teams, a widely used communication tool.

- Advertisement - SIEM as a Service

During the call, the attacker poses as a legitimate representative, convincing the victim to download AnyDesk, a legitimate remote access tool, as report by Broadcom. Once installed, AnyDesk allows the attacker to take complete control of the victim’s computer.

Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot

Malicious Payloads and Data Theft

With remote access secured, the attacker executes malicious payloads on the compromised system. These payloads are designed to perform various harmful actions, including stealing sensitive data such as login credentials, financial information, and personal documents.

The attackers’ ability to remotely manipulate the victim’s computer also poses a significant risk of further malware installation, potentially leading to long-term system compromise and data exploitation.

This newly identified campaign underscores the need for heightened vigilance among users and organizations.

Cybersecurity experts advise individuals to be wary of unsolicited emails and phone calls, especially those requesting the installation of software or remote access tools.

Organizations are encouraged to implement robust security measures, including employee training on recognizing phishing attempts and using multi-factor authentication to safeguard communication platforms like Microsoft Teams.

As cyber threats evolve, staying informed and adopting proactive security practices remain crucial in protecting against these sophisticated attacks.

Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Acces

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Trend Micro Deep Security Vulnerable to Command Injection Attacks

Trend Micro has released a critical update addressing a remote code execution (RCE) vulnerability...

CISA Warns Kemp LoadMaster OS Command Injection Vulnerability Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent security advisory warning organizations...

Phobos Ransomware Admin as Part of International Hacking Operation

The U.S. Department of Justice unsealed criminal charges today against Evgenii Ptitsyn, a 42-year-old Russian...

Maxar Space Data Leak, Threat Actors Gain Unauthorized Access to the System

Maxar Space Systems, a leader in space technology and Earth intelligence solutions, has recently...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Trend Micro Deep Security Vulnerable to Command Injection Attacks

Trend Micro has released a critical update addressing a remote code execution (RCE) vulnerability...

CISA Warns Kemp LoadMaster OS Command Injection Vulnerability Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent security advisory warning organizations...

Phobos Ransomware Admin as Part of International Hacking Operation

The U.S. Department of Justice unsealed criminal charges today against Evgenii Ptitsyn, a 42-year-old Russian...