Microsoft Tracking Phishing/Malware Campaign
Posted by: GuidePoint Security
For the second week in a row, Microsoft has announced it is tracking a phishing campaign—this time involving the ‘BazaCall’ malware that can lead to ransomware deployment. (You can read about the business email compromise (BEC) attack disrupted by Microsoft two weeks ago here.) The campaign involves phishing emails that instruct the target to contact a number to cancel a subscription. When called, the victim reaches a malicious call center where they are instructed to visit a website and download an Excel file. The file contains malicious macros that download a payload that uses Cobalt Strike to steal credentials, including the Active Directory database. The malware ultimately provides backdoor access to enable the cybercriminals to deliver other malware, scan the environment, and target other systems on the same network. Researchers note that the cybercriminals are changing the contact phone numbers at least once daily to make it more difficult to stop or block the number.
Microsoft security professionals continue to monitor this threat.