
Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion

NetmanageIT OpenCTI - opencti.netmanageit.com



SUMMARY:

An attacker used social engineering via a Microsoft Teams call to impersonate a client and gain remote access to a user's system. The victim was tricked into downloading AnyDesk, allowing the attacker to drop suspicious files, including DarkGate malware. The attack involved multiple stages, including the execution of malicious commands, system information gathering, and connection to a command-and-control server. The DarkGate payload was delivered through an AutoIt script, which injected itself into legitimate processes. Although persistent files and a registry entry were created, the attack was thwarted before data exfiltration occurred. The incident highlights the importance of robust security measures and awareness against social engineering attacks.

OPENCTI LABELS:

darkgate, vishing


Open in the NetmanageIT OpenCTI public instance with the link below.

NOTE: Use the public read-only username and password shown on the login page banner.


Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion