Tuesday, September 17, 2024
Homecyber securityNews Malspam Attacks AnyDesk and Microsoft Teams

News Malspam Attacks AnyDesk and Microsoft Teams

Published on

Cybersecurity researchers have uncovered a sophisticated malspam campaign targeting unsuspecting users through email and phone calls.

Attackers are leveraging popular platforms like AnyDesk and Microsoft Teams to gain unauthorized access to victims’ computers, raising alarms about cybercriminals’ evolving tactics.

The Attack Methodology

The campaign begins with an email bombardment, commonly referred to as an “email bomb,” which is designed to overwhelm the victim’s inbox and obscure the malicious intent. Following this digital assault, the attackers initiate a phone call via Microsoft Teams, a widely used communication tool.

- Advertisement - EHA

During the call, the attacker poses as a legitimate representative, convincing the victim to download AnyDesk, a legitimate remote access tool, as report by Broadcom. Once installed, AnyDesk allows the attacker to take complete control of the victim’s computer.

Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot

Malicious Payloads and Data Theft

With remote access secured, the attacker executes malicious payloads on the compromised system. These payloads are designed to perform various harmful actions, including stealing sensitive data such as login credentials, financial information, and personal documents.

The attackers’ ability to remotely manipulate the victim’s computer also poses a significant risk of further malware installation, potentially leading to long-term system compromise and data exploitation.

This newly identified campaign underscores the need for heightened vigilance among users and organizations.

Cybersecurity experts advise individuals to be wary of unsolicited emails and phone calls, especially those requesting the installation of software or remote access tools.

Organizations are encouraged to implement robust security measures, including employee training on recognizing phishing attempts and using multi-factor authentication to safeguard communication platforms like Microsoft Teams.

As cyber threats evolve, staying informed and adopting proactive security practices remain crucial in protecting against these sophisticated attacks.

Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Acces

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks

Song Wu, a Chinese national, has been indicted on charges of wire fraud and...

Entro Security Labs Releases Non-Human Identities Research Security Advisory

Analysis of millions of real-world NHI secrets by Entro Security Labs reveals widespread, significant...

Critical Vulnerabilities Impact Million of D-Link Routers, Patch Now!

Millions of D-Link routers are at risk due to several critical vulnerabilities. Security researcher...

Windows MSHTML Zero-Day Vulnerability Exploited In The Wild

Adobe released eight security updates in September 2024, addressing 28 vulnerabilities in various products,...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks

Song Wu, a Chinese national, has been indicted on charges of wire fraud and...

Entro Security Labs Releases Non-Human Identities Research Security Advisory

Analysis of millions of real-world NHI secrets by Entro Security Labs reveals widespread, significant...

Critical Vulnerabilities Impact Million of D-Link Routers, Patch Now!

Millions of D-Link routers are at risk due to several critical vulnerabilities. Security researcher...