Microsoft Teams phishing pushes DarkGate malware via group chats

January 30, 2024 at 12:47PM A recent phishing attack leverages Microsoft Teams group chat requests to distribute DarkGate malware via deceptive file attachments. Attackers exploit the default external messaging access and employ tactics such as double file extensions to trick victims. Organizations are advised to consider disabling External Access and to educate users on recognizing … Read more

‘BattleRoyal’ Hackers Deliver DarkGate RAT Using Every Trick

December 21, 2023 at 05:04PM An unidentified threat actor conducted numerous social engineering campaigns targeting American and Canadian organizations, aiming to infect them with the multifaceted DarkGate malware. Named “BattleRoyal,” the actor utilized a variety of techniques including phishing emails, fake browser updates, and exploit of Windows Defender vulnerability. The actor later switched to using … Read more

DarkGate and Pikabot malware emerge as Qakbot’s successors

November 21, 2023 at 10:56AM A sophisticated phishing campaign using DarkGate and PikaBot malware is posing a significant threat to organizations. The campaign began after the takedown of the Qakbot operation and is considered one of the most advanced since then. The attackers employ tactics similar to the previous Qakbot campaigns, indicating a shift to … Read more

DarkGate malware spreads through compromised Skype accounts

October 15, 2023 at 01:53PM DarkGate malware attacks have been using compromised Skype accounts to infect targets. The attacks involve VBA loader script attachments that download an AutoIT script to drop and execute the final DarkGate malware payload. Trend Micro researchers also observed DarkGate being pushed through Microsoft Teams. The malware-as-a-service operation has seen a … Read more