DarkGate - Malware delivered via Microsoft Teams malspam campaign

Affects:

Severity:

HIGH

Productivity
Impact:

MEDIUM

Fix
Estimate

1-2 minutes

Research:

https://www.malwarebytes.com/blog/news/2023/09/microsoft-teams-used-to-deliver-darkgate-loader-malware

Summary:

Adversaries are utilizing Microsoft Teams as a delivery channel for malware. This attack leverages deceptive Microsoft Teams chat messages sent from compromised Office 365 accounts to encourage victims to download malicious files, effectively bypassing existing security measures.

Remediation details

Restrict Microsoft Teams chat requests to specific external domains.Navigate to https://admin.teams.microsoft.com/dashboard

  1. Click on Users > External Access and change settings accordingly

Note. This will affect any existing external access granted so be sure to review the changes with your users to negate business impact

This Threat Is Automatically Protected By Overe Protect

Assess the security posture of all your MSP's clients and get actionable remediation steps, in under 3 minutes. 100% free.

Overe Background image
Assess For Free

Get up and running in under 2 minutes, no credit card required.

Get Started Free  

Free audit worth £1000

Thank you!
Your submission has been received!
Oops!
Something went wrong! Try again later
Overe Background image
Privacy PolicyTerms & ConditionsBlogFAQsThreat BulletinLinkedIn

© Overe 2024. All rights reserved.
Overe™ is a registered trade mark of Overe LTD UK.