SECURITYBLEEPING COMPUTER
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
The DragonForce ransomware gang used a custom malware named 'Backdoor.Turn' to conceal command-and-control traffic within Microsoft Teams' relay infrastructure. This method allowed malicious activity to evade detection by leveraging legitimate communication channels.
Related Signal
Adjacent reporting
- Law enforcement shuts down VPN service used by two dozen ransomware gangs
- The Gentlemen ransomware now uses SystemBC for bot-powered attacks
- MuddyWater hackers use Chaos ransomware as a decoy in attacks
- Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
- Europe dismantles VPN service used by cybercriminals to hide ransomware attacks
- Iran cybersnoops still LARPing as ransomware crooks in espionage ops