SECURITYTHE HACKER NEWS
DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic
Threat actors linked to DragonForce ransomware used Backdoor.Turn, a custom Go-based remote access trojan, to conceal command-and-control traffic via Microsoft Teams relay infrastructure. The malware was deployed against a major U.S. services firm, according to Symantec and Carbon Black.
Mentioned
Related Signal
Adjacent reporting
- Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
- SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
- Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
- The Gentlemen ransomware now uses SystemBC for bot-powered attacks
- Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2