Malware uses underground call centers to trick users into infecting themselves

Microsoft Security Intelligence, a team of information security specialists, has warned users about an ongoing malicious campaign called BazaCall, whose operators are trying to install ransomware on victims' systems.

As part of the BazaCall campaign, criminals send out emails asking recipients to call a specified number to cancel an alleged subscription to a service. Users who call the number actually reach a fraudulent call centre run by the attackers. The perpetrators tell victims to visit a specific website and download a Microsoft Excel file to complete the procedure. The file, in turn, contains a malicious macro that downloads malware.

According to the experts, the attackers use Cobalt Strike beacons and steal credentials, including the Active Directory database, using the open-source tool rclone.

The experts noted that the phone numbers in the cybercriminals' emails change "at least daily," and that sometimes more than two numbers appear in a single day.
