Microsoft said on Tuesday that “Storm-0324 started using phishing lures sent over Teams with malicious links leading to a malicious SharePoint-hosted file in July 2023.”
According to Microsoft, a former connection broker that was associated with ransomware organizations has shifted to using Microsoft Teams phishing assaults as a means of breaking into business networks.
Additionally, Storm-0324 has given the infamous FIN7 cybercrime gang access to business networks that they had already breached with the help of Gozi, Nymaim, and JSSLoader.
Â
This attack is being carried out by the financially motivated threat organization Storm-0324, a malevolent actor that has previously been known to use the malware Sage and GandCrab.
Â
(Score: 23) - 4.8/5
4.8/5