Fake Microsoft Teams Updates to Infect Systems



Microsoft Teams Updates Infect SystemsAccording to Bleeping Computer, ransomware operators are using malicious fake ads for Microsoft Teams updates to infect systems. The infection would deploy Cobalt Strike to compromise the rest of the network.

The organizations targeted range from various industries, with a recent focus on the education sector (K-12 specifically), which depends on a remote environment due to COVID-19. In a non-public security advisory, Microsoft is warning its customers about these FakeUpdates campaigns, offering recommendations that would lower the impact of the attack via its Defender ATP service.

The fake ads that lured unsuspected users was made possible by interfering with the search engine results through malicious online advertisements. In an example attack Microsoft detected, the bad guys purchased a search engine ad that caused the top results for Teams software to direct to a malicious domain. 

Clicking on the link downloaded a payload that executed a PowerShell script to retrieve more malicious content. It also installed a legitimate copy of Microsoft Teams on the system to keep victims unaware of the attack.

It's important to make sure your users are aware of any potential warning signs. New-school security awareness training can prepare your users to stay alert and report any malicious activity.

Bleeping Computer has the full story


RanSim

Free downloadable software tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

RanSim gives you a quick look at the effectiveness of your existing network protection. RanSim will test 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransim

Topics: Ransomware



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews