All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

DragonForce ransomware group hides command-and-control traffic inside Microsoft Teams communications

Cybercriminals deploying DragonForce ransomware breached a major US services company's network and spent two months hiding their command-and-control activities by disguising them as legitimate Microsoft Teams traffic. Symantec researchers identified the intrusion involved a custom Go-based backdoor called "Backdoor.Turn" that routed malicious communications through Microsoft's services, making the attack appear as routine corporate collaboration.

Carly Page23d ago2 min readenNews
Read on theregister.com

Key quotes

Cybercrims deploying DragonForce ransomware appear to have gained access to a major US services company's network, then spent two months up to no good while disguising their command-and-control activities as legitimate Microsoft Teams traffic.
Researchers at security firm Symantec said the intrusion began with attackers gaining access to the victim's environment before deploying a custom Go-based backdoor, tracked as 'Backdoor.Turn,' to maintain communication with the compromised systems.
Rather than reaching out to attacker-controlled infrastructure, the malware routed communications through legitimate Microsoft services, making malicious activity look like routine corporate collaboration.

From the article

Custom malware routed communications through legitimate Microsoft services, making malicious activity look like routine corporate collaboration
Continue reading on theregister.com

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.