Hackers Leverage Microsoft Teams To Deploy Malware - 1

Image by fptsmartcloud, from Pxhere

Hackers Leverage Microsoft Teams To Deploy Malware

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

A recent cybersecurity breach revealed how a social engineering attack, leveraging voice phishing (vishing) through Microsoft Teams, enabled a malicious actor to deploy DarkGate malware on a victim’s system.

In a Rush? Here are the Quick Facts!

  • Voice phishing through Microsoft Teams led to DarkGate malware deployment.
  • Victim convinced to download AnyDesk after failed Microsoft Remote Support installation.
  • Attacker gained system access by convincing victim to enter credentials.

The attack, analyzed by Trend Micro’s Managed Detection and Response (MDR) team, highlights the evolving nature of cyber threats and the critical need for robust defense strategies. The attack began when the victim received several thousand emails before an attacker posing as a client representative called via Microsoft Teams.

The impersonator instructed the victim to download the Microsoft Remote Support application, but after this installation attempt failed, the attacker successfully convinced the victim to download AnyDesk, a legitimate remote desktop tool.

The attacker then guided the victim to enter their credentials, granting unauthorized access to the system.

Once inside the system, the attacker dropped multiple suspicious files, one of which was identified as Trojan.AutoIt.DARKGATE.D, initiating a series of commands. This led to the connection with a potential command-and-control (C&C) server, enabling the attacker to execute further malicious actions.

Although the attack was halted before any data exfiltration occurred, it underscored several vulnerabilities in remote access management and social engineering tactics.

The attacker used AutoIt scripts to gain remote control of the victim’s machine, executing commands to gather system information and establish a more persistent foothold.

Notably, the AutoIt3.exe process executed a series of commands that downloaded additional malware, including scripts that attempted to connect to external IPs. The malware was designed to avoid detection by searching for antivirus products and creating multiple random files to obscure its presence.

The ultimate goal of the attack appeared to be the installation of a final DarkGate payload. This payload would have further enabled the attacker to control the victim’s system and potentially exfiltrate sensitive data. However, the attack was detected in time, preventing the attacker from achieving their objective.

To defend against such attacks, experts recommend organizations vet third-party technical support providers thoroughly. Remote access tools, like AnyDesk, should be whitelisted and monitored, with multi-factor authentication (MFA) enabled to prevent unauthorized access.

Additionally, employees should receive regular training to recognize social engineering tactics and phishing attempts, which remain a key vector for cyberattacks.

Opinion: What Is the Fediverse, and Why Is It Gaining Popularity Now? - 2

Image generated with DALL·E through ChatGPT

Opinion: What Is the Fediverse, and Why Is It Gaining Popularity Now?

  • Written by Andrea Miliani Former Tech News Expert

A few days ago, Threads announced users are now able to follow other platforms in the fediverse . The news was shared with excitement by Mark Zuckerberg, Meta CEO, and Adam Mosseri, head of Instagram and Threads, on Meta’s platform.

However, something caught my attention and I saw a pattern in both publications: hundreds of users were confused and started asking what the fediverse was. Most of them didn’t even understand the announcement.

“ Could you please explain this to me like I’m 5? I really have no clue what this is or why I need it… ” wrote on user on Mosseri’s post .

“How do you just make a post like this without having some high-level explanation of the fediverse? NO ONE knows what you’re talking about!,” complained another one on Zuckerber’s post .

The fediverse is not new, but one thing is clear: it is essential to first educate more about the Fediverse in order to celebrate this kind of news and appreciate its potential.

So… What is the Fediverse?

The fediverse is an interconnected network where multiple social media platforms can exchange information, allowing users to interact from different platforms.

The word “fediverse” comes from “federated” and “universe,” a portmanteau that refers to the platforms’ independence while interconnected in a larger ecosystem. The condition for these platforms to communicate in that ecosystem is that they must run in the same protocol and ActivityPub is currently the dominant one.

Meta and Britannic a use the analogy of the email to understand this technology better: you host your email address in a platform like Gmail but can still interact and send emails to other platforms like Yahoo, Hotmail, or Outlook.

Well, the fediverse refers to a similar situation but with social media platforms, it was conceived for microblogging—with the platform Identi.ca in 2008 as a decentralized alternative to Twitter. This ecosystem allows users to post, like and get followers across multiple platforms without logging in and out of one to interact in another the way we currently do for Facebook, Pinterest, or X. Sounds interesting, right?

However, each social media network determines its own rules, like Threads just did. The condition for Threads users to interact with Mastodon users is that Mastodon users must interact with the content posted on Meta’s platform first.

The other factor to consider is that the main platforms —Mastodon, Pleroma, PeerTube, and Diaspora—that are currently built under ActivityPub to interconnect on this network are not that popular. Except for Threads now, which suggests an interesting evolution in the social media market.

Social Media Migration

We have been experiencing a new phenomenon in modern times: digital migration. Especially on social media. Many users have been leaving Facebook for Instagram, X for Bluesky and Threads, and so on.

Due to policy or algorithm updates, new paid programs, randomly canceled accounts, and political reasons, many users have realized the need to migrate to other platforms. In 2024, we’ve witnessed significant migration waves.

This summer, hundreds of thousands of artists left Instagram and Facebook after Meta announced that it will be training its AI models with images and content shared by users. They decided to join Cara , a new social media app created by photographer Jingna Zhang, promising to protect copyright and prioritize human-created art and content.

Millions of users joined Bluesky after the results of the U.S. elections a few weeks ago, and now American TikTok creators are urging followers to join them on other platforms like Instagram or YouTube as they fear the U.S. government will ban the app in January.

Content creators and influencers have realized they don’t have full control of their accounts and that the decision to migrate comes at a cost, like losing a large audience they had been growing for years.

A Decentralized Future

The fediverse is not new, but it’s a possible solution for the current issues with social media platforms, and recent updates suggest we could see more of this ecosystem in the future.

Even if the fediverse has been around for over a decade and many decentralized social media platforms have failed to prevail—like identi.ca—it seems to be getting a new boost.

Last year, WordPress.com launched an ActivityPub plugin to allow blogs to connect with the fediverse. Other platforms like Tumblr, Flikr, and Flipboard have been working in integrations too.

The open-source service Bridgy Fed is working with Bluesky—another open-source platform that runs in a different protocol, on AT Protocol—to link the platform to ActivityPub.

Bluesky recently reached a milestone, it gained over 1 million users within 24 hours and has been growing exponentially for the past few weeks. Threads announced they just reached 100 million active users .

While other huge platforms like Facebook, X, Instagram, or Linkedin haven’t shown any interest in joining the fediverse for now, the open-source ecosystem seems to be gaining more and more relevance. The possibility of sharing a single post across multiple platforms is starting to make much more sense today.

The fediverse might redefine the way we connect, and it’s approaching faster than we ever imagined—or at least a lot faster than when it started.