Help Net Security

Cybercriminals mask malicious communications through Microsoft Teams relays (opens in new tab)

Covers How a Tax Search Leads to Kernel-Mode AV/EDR KillCovered by pathandpayload.com, Metacurity

The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion at a U.S. services company, according to Symantec. DragonForce is a ransomware-as-a-service operation that has been active since 2023. The group provides affiliates with ransomware tools and supporting services in exchange for a share of ransom payments. First known abuse of Microsoft Teams TURN infrastructure “Backdoor...

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 2 articles

pathandpayload.com·

Borrowing Trust From Microsoft: Breaking Down the DragonForce Teams Relay Campaign

Feeds
Metacurity·

Anthropic watch: Congress scrambles, Europe recoils, and Anthropic's halo grows brighter

Feeds

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help