![]() Image: AdvIntel Several ransomware threat actors at stakeĪccording to AdvIntel, at least “three autonomous threat groups have adopted and independently developed their own targeted phishing tactics derived from the call back phishing methodology.” Once done, the threat actor has a functional backdoor to the victim’s computer, which can later be used for further exploitation (Figure A).įigure A BazarCall process infographic based on the Jörmungandr campaign run by Quantum threat actor. On an interesting note, the weaponized tools were previously typical of Conti’s arsenal. Once in control of the computer, the threat actor weaponizes legitimate tools while pretending to assist with remote desktop access, still using social engineering techniques. When the victims call the phone number controlled by the threat actor, various social engineering methods are used to convince the victims to allow remote desktop control via legitimate software, supposedly to help them cancel their subscription service without any stress. There is no other way to reach the subscription service other than making a phone call. The email contains a phone number in case the target wants to cancel the subscription and avoid paying for it. The threat actor sends legitimate-looking email to targets, pretending they have subscribed to a service with automatic payment. It all starts with an email, as is often the case. How to secure your email via encryption, password management and more (TechRepublic Premium)īazarCall, also known as call back phishing, is a method used by cybercriminals to target victims via elaborate phishing. In security, there is no average behavior What is BazarCall and how does it work? Must-read security coverageĨ5% of Android users are concerned about privacyĪlmost 2,000 data breaches reported for the first half of 2022 Image: Adobe StockĪdvIntel has released a new publication about several threat actors now using BazarCall in an effort to raise awareness of this threat. BazarCall attack increasingly used by ransomware threat actorsĪlready three independent threat groups are using it to heavily target companies.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |