Security Stop Press : New Phishing Campaign Targeting Teams

Written by: Paul |

Microsoft has warned of a new phishing campaign from the “financially motivated” Storm-0324 threat actor which uses an open-source tool to send phishing lures through Microsoft Teams chats.

The goal is accessing corporate networks and enabling follow-on attacks like ransomware, i.e. handing off access to compromised networks to other threat actors. The campaign leverages the open-source TeamsPhisher tool to attach files to messages.

Microsoft says it has rolled out improvements to better defend against the threat and has suspended identified accounts. Microsoft also gives a list of recommendations to harden networks against Storm-0324 attacks on its website here.