Microsoft Teams phishing is used by ransomware dropper to hijack accounts.

Microsoft said on Tuesday that “Storm-0324 started using phishing lures sent over Teams with malicious links leading to a malicious SharePoint-hosted file in July 2023.”

According to Microsoft, a former connection broker that was associated with ransomware organizations has shifted to using Microsoft Teams phishing assaults as a means of breaking into business networks.

Additionally, Storm-0324 has given the infamous FIN7 cybercrime gang access to business networks that they had already breached with the help of Gozi, Nymaim, and JSSLoader.

This attack is being carried out by the financially motivated threat organization Storm-0324, a malevolent actor that has previously been known to use the malware Sage and GandCrab.


(Score: 23) - 4.8/5