Hackers Use Teams Calls To Hijack Systems - 1

Image by Gabriel Benois, from Unsplash

Hackers Use Teams Calls To Hijack Systems

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

The dangerous malware loader Matanbuchus has evolved into version 3.0, which enables attackers to conduct stealthy operations, resulting in ransomware infections.

In a rush? Here are the quick facts:

  • Matanbuchus 3.0 spreads via fake Microsoft Teams IT support calls.
  • It collects system data and security software details.
  • Commands are sent back from hackers through encrypted traffic.

Matanbuchus has existed as a Malware-as-a-Service (MaaS) since 2021, enabling cybercriminals to penetrate Windows systems before installing additional destructive malware.

The latest version has added powerful tools. “Matanbuchus 3.0 was introduced with significant updates to its arsenal,” researchers at Morphisec said. The updated version includes new delivery methods, enhanced communication protocols, memory-hiding capabilities, and security system evasion features. It even mimics apps like Skype to hide its activity.

Morphisec report notes that one alarming case happened in July 2025. An attacker impersonated IT support through a fake Microsoft Teams call. The attacker tricked an employee into executing a script, which secretly deployed Matanbuchus.

Morphisec explains that the script unpacked a zip file with a renamed Notepad++ updater and a corrupted configuration file. This version tricked users using a nearly identical domain: instead of the real site ‘notepad-plus-plus.org’, attackers used ‘notepad-plus-plu[.]org’.

Once installed, the malware performs a system check to verify it operates on a genuine computer instead of a testing environment. The malware steals system data, including username information, security software details, and operating system specifications. Attackers receive encrypted stolen data, through which they choose their next course of action, including malware or ransomware deployment.

The Matanbuchus 3.0 malware costs $10,000 for the HTTP version, while the DNS version requires a $15,000 investment, as reported by Morphisec. The codebase allows users to execute commands through CMD, PowerShell, and WQL, gather installed applications and updates, and perform deep system-level operations, including process injection.

With its advanced stealth and wide range of tools, experts at Morphisec warn Matanbuchus 3.0 is “a significant risk to compromised systems.” Cybersecurity teams are urged to stay alert for signs of this malware and educate staff about social engineering threats.

Reddit Rolls Out New Age Verification System In The UK - 2

Photo by Brett Jordan on Unsplash

Reddit Rolls Out New Age Verification System In The UK

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

Reddit started to roll out a new age verification system in the United Kingdom. The new technology will prevent users under 18 from viewing mature content.

In a rush? Here are the quick facts:

  • Reddit has begun rolling out a new age verification system in the UK to prevent users under 18 from viewing mature content.
  • Chief Legal Officer Ben Lee said the system is powered by the identity verification platform Persona.
  • Users will not need to share names or account content through the ID verification app.

Reddit’s Chief Legal Officer Ben Lee, known on the platform as “traceroo”, shared a post on Monday explaining the new measure.

“The UK Online Safety Act has new requirements to implement additional measures to prevent children from accessing age-inappropriate content,” wrote Lee. “So, starting July 14 in the UK, we will begin collecting and verifying your age before you can view certain mature content.”

The measure has been taken after the Information Commissioner’s Office announced in March that it was launching an investigation on multiple social media platforms, including Reddit, into how they safeguard children’s information.

Lee explained that, in an effort to comply with UK regulations while upholding Reddit’s core values—particularly its commitment to user anonymity—, the company has developed a system that verifies age without requiring users to disclose excessive personal information. This system is powered by the identity verification platform Persona.

“To verify your age, we partner with a trusted third-party provider (Persona) who performs the verification on either an uploaded selfie or a photo of your government ID,” added Lee. “Reddit will not have access to the uploaded photo, and Reddit will only store your verification status along with the birthdate you provided so you won’t have to re-enter it each time you try to access restricted content.”

Persona will retain the user’s ID image for no more than seven days and will not have access to the user’s activity or information on Reddit.

Lee also clarified that users’ ages or birthdays will not be visible to other users or advertisers. He also announced that they plan to introduce additional verification systems in the future to determine whether users are real humans rather than AI bots, though he did not provide specific details.

Reddit first warned about a new measure to make sure that users’ are human in May, after researchers reportedly deployed AI bots on the platform.