A Model 4 Hire Blog

BazaCall

29 August 2021 - by Microsoft

The Microsoft 365 Defender Threat Intelligence Team has identified scammers sending e-mails to Microsoft users to trick them into telephoning a phoney call centre manned by hackers, who then try to get the caller to download and install ransomware onto their computer.

Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been discussed publicly in other security blogs and covered by the media. Apart from having backdoor capabilities, the BazaLoader payload from these campaigns also gives a remote attacker hands-on-keyboard control on an affected user’s device, which allows for a fast network compromise. In our observation, attacks emanating from the BazaCall threat could move quickly within a network, conduct extensive data exfiltration and credential theft, and distribute ransomware within 48 hours of the initial compromise.

Read the full article here

