Ransomware Gangs Exploit Microsoft Teams for Phishing Attacks
/ 1 min read
📡 Ransomware Gangs Use Email Bombing and Microsoft Teams to Deploy Malware. Cybersecurity researchers from Sophos have identified a rising trend among ransomware groups, including Black Basta, using email bombing followed by impersonating IT support in Microsoft Teams calls to gain remote access to corporate networks. Attackers flood targets with thousands of spam messages before calling from a compromised Office 365 account, convincing victims to install malware. Two distinct campaigns, linked to groups STAC5143 and STAC5777, involved sophisticated techniques such as side-loading malicious files and logging keystrokes. To mitigate these threats, organizations are advised to restrict external communications on Microsoft Teams and disable tools like Quick Assist in sensitive environments.
