Cybercriminals are using fake IT support calls on Microsoft Teams to persuade employees to surrender control of their PCs before installing the EtherRAT remote access trojan, according to researchers at Palo Alto Networks’ Unit 42.
Victims receive a phishing email disguised as an employee survey before a follow-up Microsoft Teams call from someone claiming to be IT support. During the call, the attacker persuades the target to hand over remote control and install legitimate remote administration tools such as HopToDesk or AnyDesk. An MSI package is then downloaded, which installs the EtherRAT malware.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Gulf Air hit with data breach, customer data possibly affected
November 27, 2023
Gulf Air, the national air carrier for the Kingdom of Bahrain, has confirmed suffering a data breach which most likely resulted in hackers stealing sensitive customer information. The company confirmed the news via a press release shared with local media highlighting a “data breach incident” on November 24, possibly resulting in the compromise of “some information ...
- New Jersey: Montclair, Westwood Hospitals Divert Ambulances After Cyber Attack
November 27, 2023
Two hospitals in North Jersey are diverting ambulances from their emergency rooms after a cyber attack, authorities confirmed Monday. The attack impacted the computer systems at Mountainside Medical Center in Montclair, and Pascack Valley Medical Center in Westwood. Read more… Source: MSN News
- Foreign spy conducts cyberattacks against China’s defense, high-tech firm
November 27, 2023
China’s Ministry of State Security (MSS) disclosed a new case on Monday of foreign espionage activities involving the recruitment of a Chinese software developer who provided “technical services.” This spy agency used “poisoned” software to conduct cyberattacks and steal secrets from dozens of China’s defense and high-tech enterprises. Wang, a Chinese engineer in the network technology ...
- The Dark Side of AI: Large-Scale Scam Campaigns Made Possible by Generative AI
November 27, 2023
Generative artificial intelligence technologies such as OpenAI’s ChatGPT and DALL-E have created a great deal of disruption across much of our digital lives. Creating credible text, images and even audio, these AI tools can be used for both good and ill. That includes their application in the cybersecurity space. Read more… Source: Sophos
- New ransomware-as-a-service caters to cybercriminals with commercial expansion
November 23, 2023
New evidence suggests that the popular Play ransomware is now being rented out to cybercriminals. Known as ransomware-as-a-service (RaaS), cybercriminals can pay to use the malware itself alongside the infrastructure needed to pull off an attack.This is a relatively new phenomenon and can provide a steady stream of revenue for malicious cyber gangs. Read more… Source: MSN News
- Q3 2023 in Review: DDoS Attacks Report by StormWall
November 23, 2023
StormWall researchers observed that attacks have grown by 43% compared to Q3 2022. Over the past quarter, and according to the analysis conducted by the team, there have been three main trends affecting the surge in DDoS attacks: The number of multi-vector attacks has increased There’s been a significant spike in attacks that target multiple protocols or ...

