Microsoft warns of new BazaCall malware campaign

The campaign uses fake copyright infringement emails and malicious files disguised as “stolen images”.

Microsoft's Security Intelligence team has warned of a new malicious BazaCall campaign.

“We are monitoring several active email campaigns that use BazarLoader to deliver a wide range of payloads,” Microsoft said in a statement.

The campaign, dubbed Stolen Images, uses fake copyright infringement contact form emails and malicious files that allegedly contain “stolen images.” In this way, scammers try to trick users into downloading malware.

“The recent campaign challenges the best practice of opening emails only from known contacts by using compromised accounts to intercept conversations and attach a Word document in a password-protected ZIP file. The document contains a macro that launches MSHTA to load BazarLoader,” the experts explained.
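For defenders, the Word-macro-to-MSHTA step described above is visible in process-creation telemetry. The following is an added example, not code from Microsoft or from the original article: it walks process ancestry in events that use Sysmon Event ID 1 field names and flags any mshta.exe with an Office application among its ancestors, which generalizes the direct Word-to-MSHTA launch to chains that pass through an intermediate process. The events, shortened GUIDs, file paths, Office application list beyond Word, and depth limit are constructed assumptions.

```python
import ntpath

# Word is the application named in the article; the others are an assumed generalization.
OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe"}
TARGET = "mshta.exe"
MAX_DEPTH = 4  # assumed limit on how many ancestors to walk

# Constructed events with Sysmon Event ID 1 field names; GUIDs are shortened placeholders.
EVENTS = [
    {"ProcessGuid": "g1", "ParentProcessGuid": "g0",
     "Image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"},
    {"ProcessGuid": "g2", "ParentProcessGuid": "g1",   # Word -> mshta (direct)
     "Image": r"C:\Windows\System32\mshta.exe"},
    {"ProcessGuid": "g3", "ParentProcessGuid": "g1",   # benign Word child
     "Image": r"C:\Windows\splwow64.exe"},
    {"ProcessGuid": "g4", "ParentProcessGuid": "g1",
     "Image": r"C:\Windows\System32\cmd.exe"},
    {"ProcessGuid": "g5", "ParentProcessGuid": "g4",   # Word -> cmd -> mshta
     "Image": r"C:\WINDOWS\SYSTEM32\MSHTA.EXE"},
    {"ProcessGuid": "g6", "ParentProcessGuid": "g9",   # parent g9 was never logged
     "Image": r"C:\Windows\explorer.exe"},
    {"ProcessGuid": "g7", "ParentProcessGuid": "g6",   # mshta with no Office ancestor
     "Image": r"C:\Windows\System32\mshta.exe"},
]

def name(path):
    """Lower-cased file name of a Windows path (Windows paths are case-insensitive)."""
    return ntpath.basename(path or "").lower()

def office_mshta_chains(events, max_depth=MAX_DEPTH):
    """Return (ProcessGuid, ancestry) for each mshta.exe that has an Office ancestor."""
    by_guid = {e["ProcessGuid"]: e for e in events}
    findings = []
    for ev in events:
        if name(ev.get("Image")) != TARGET:
            continue
        chain, cur, seen = [TARGET], ev, {ev["ProcessGuid"]}
        for _ in range(max_depth):
            cur = by_guid.get(cur.get("ParentProcessGuid"))
            if cur is None or cur["ProcessGuid"] in seen:
                break  # parent not in the log, or a GUID loop in malformed data
            seen.add(cur["ProcessGuid"])
            chain.append(name(cur.get("Image")))
            if chain[-1] in OFFICE:
                findings.append((ev["ProcessGuid"], chain[::-1]))
                break
    return findings

if __name__ == "__main__":
    for guid, chain in office_mshta_chains(EVENTS):
        print(guid, " -> ".join(chain))
```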

Microsoft raised the alarm about BazaCall because of its unusual and relatively costly methods, which relied on phishing emails claiming expired trial subscriptions and upcoming payments. The emails contain no links to web pages; instead, they entice potential victims to contact the call centre, after which the operator provides instructions to install malware under the guise of helping to reverse the fraudulent payment.

The installed backdoor allows BazaCall members to install ransomware on the victim’s device.
