DragonForce ransomware hides command and control traffic within Microsoft Teams (opens in new tab)

Attackers deploying DragonForce ransomware have developed a sophisticated method to disguise malicious command-and-control traffic as legitimate Microsoft Teams activity. The intrusion involves a custom Go-based backdoor that allows attackers to maintain persistent access to compromised networks for extended periods. By routing communications through official Microsoft infrastructure, the malware evades detection from standard network monitoring tools. <a href="