Cybercriminals are using fake IT support calls on Microsoft Teams to persuade employees to surrender control of their PCs before installing the EtherRAT remote access trojan, according to researchers at Palo Alto Networks’ Unit 42.
Victims receive a phishing email disguised as an employee survey before a follow-up Microsoft Teams call from someone claiming to be IT support. During the call, the attacker persuades the target to hand over remote control and install legitimate remote administration tools such as HopToDesk or AnyDesk. An MSI package is then downloaded, which installs the EtherRAT malware.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups
June 11, 2024
Since 2022, Trend Micro researchers have been investigating numerous targeted attacks in the Asia-Pacific region that used the same ELF backdoor. Most vendors identify this backdoor as a variant of existing malware such as Gh0st RAT or Rekoobe. However, Trend Micro unearthed the truth: this backdoor is not merely a variant of existing malware, but is ...
- City of Helsinki’s suffers data breach
June 11, 2024
It remains unclear whether the perpetrator behind a massive data breach of the City of Helsinki has tried to benefit from the crime, according to the City. Detected in April, the hack resulted in the leak of tens of millions of files from the city’s internal network. The stolen files included the personal data of up ...
- Microsoft Security Bulletin Coverage for June 2024
June 11, 2024
Microsoft’s June 2024 Patch Tuesday has 49 vulnerabilities, 24 of which are Elevation of Privilege. The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of June 2024 and has produced coverage for seven of the reported vulnerabilities. Read more… Source: Sonicwall Sign up for our Newsletter Related:
- QR code SQL injection and other vulnerabilities in a popular biometric terminal
June 11, 2024
Biometric scanners offer a unique way to resolve the conflict between security and usability. They help to identify a person by their unique biological characteristics – a fairly reliable process that does not require the user to exert any extra effort. Yet, biometric scanners, as any other tech, have their weaknesses. This article touches on biometric ...
- Singaporean businesses targeted by Akira ransomware
June 10, 2024
Akira – a ransomware hacker group -that extorted $42 million from over 250 organizations across North America, Europe, and Australia within a year, is now actively targeting businesses in Singapore, according to a joint advisory issued by Singaporean authorities. The Cyber Security Agency of Singapore (CSA), the Singapore Police Force, and the Personal Data Protection Commission ...
- Bypassing 2FA with phishing and OTP bots
June 10, 2024
Two-factor authentication (2FA) is a security feature we have come to expect as standard by 2024. Most of today’s websites offer some form of it, and some of them won’t even let you use their service until you enable 2FA. Individual countries have adopted laws that require certain types of organizations to protect users’ accounts ...

