Russian hackers have been found exploiting Microsoft Teams to deploy ransomware and steal data. This sophisticated campaign showcases the growing threat of social engineering attacks.
Cybersecurity researchers have identified two active campaigns where Russian hackers abuse Microsoft Teams and remote management tools like Quick Assist. The attackers target specific employees with spam emails and follow up with voice and video calls on Teams, posing as technical support. They then gain remote access to the victim’s computer to deploy ransomware.
The campaigns, linked to Russian groups STAC5143 and STAC5777, have been highly active, with over 15 incidents reported in the past three months. These campaigns are being actively monitored by authorities and are advising companies to review their Microsoft Office 365 configurations. They recommend blocking messages from outside accounts and restricting the use of remote access tools. By enhancing detection capabilities and promoting awareness, they aim to mitigate the impact of these sophisticated attacks.
#CyTech #cybernews #cybersecurity #ciso #cisoworkplace #ransomware #Microsoft
Leave a Reply