Vishing via microsoft teams facilitates darkgate malware intrusion

Intel Name: Vishing via microsoft teams facilitates darkgate malware intrusion

Date of Scan: December 25, 2024

Impact: Medium

Summary:
In a recent incident, an attacker used social engineering through a Microsoft Teams call to impersonate a client and gain remote access to a victim’s system. The attacker successfully tricked the victim into downloading AnyDesk, a remote access tool, and dropped suspicious files, including Trojan.AutoIt.DARKGATE.D. This malware used Autoit3.exe to connect to a command-and-control server and download a malicious payload. Although persistent files and a registry entry were created, the attack was stopped before exfiltration occurred.

More Details