A dangerous malware strain is targeting organizations, and you should avoid this attached file if you see it in Microsoft Teams.
A new malware campaign has been found that abuses Microsoft Teams messages to send malicious attachments capable of installing dangerous malware called DarkGate Loader.
The campaign began last month when two compromised official Office 365 accounts managed to send fraudulent Microsoft Teams messages to organizations.
Because official accounts had been compromised, many organizations fell into the trap and downloaded and opened a ZIP file called “vacation calendar changes.”
Clicking this attachment triggers a download from an external URL containing an LNK file disguised as a PDF document.
Truesec researchers analyzed this Microsoft Teams phishing campaign and discovered that it contains a malicious VBScript, which triggers an infection chain that leads to a payload identified as DarkGate Loader.
Although Microsoft has been aware of the scope of this campaign for some time, it decided not to address the issue and instead recommended that administrators enforce secure settings such as allowlists and disable external access if it is not necessary.
The malware has been circulating since 2017 and currently sees quite limited use, given that cybercriminals prefer to focus it on organizations.
This malware is really dangerous, since it can achieve remote access, cryptocurrency mining, keylogging, theft of clipboard contents and extraction of information such as files or browser data.