Attackers drop DragonForce ransomware leveraging MS Teams relay systems
DragonForce ransomware abused Microsoft Teams relay infrastructure to hide C2 traffic.
20 articles
DragonForce ransomware abused Microsoft Teams relay infrastructure to hide C2 traffic.
DragonForce hid for months by routing malware traffic through Microsoft Teams infrastructure, masking C2 activity and evading network detection. DragonForce ...
The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control. The post Microsoft Teams Relay Servers Abused in Dr...
The U.S.
The DragonForce ransomware operation, active since 2023 and linked to the Scattered Spider threat group, has employed custom Go-based malware dubbed "Backdoo...
The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure d...
Microsoft Teams’ trusted infrastructure has been exploited by threat actors to secretly route malicious traffic, leading to a highly stealthy ransomware camp...
Command and control traffic exploited a Teams visitor token to make malicious activity look legitimate to defenders
DragonForce ransomware used a custom malware named 'Backdoor.Turn' to hide command-and-control traffic inside Microsoft Teams relay infrastructure.
Rhysida and Interlock sit inside the same ransomware supply chain, but their latest observed behavior shows a more nuanced relationship than simple code reus...
Two new Ransomware-as-a-Service (RaaS) entrants publicly recruited affiliates, underscoring a rapid reconsolidation of the ransomware market and a sharpening...
Mackay Sugar was targeted in a cyberattack carried out by a threat group known as The Gentlemen. The post Ransomware Attack Shuts Down Mills of Australia’s S...
A Ukrainian national pleaded guilty to conspiracy to commit wire fraud in connection with the deployment of Conti ransomware, which targeted more than 1,000 ...
Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang. The post Ukrainian Man Pleads Guilty in US to Conti Ra...
The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surface...
Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S.
Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and...
A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation. [.
Oleksii Lytvynenko, a 44-year-old Ukrainian national, admitted to joining the prolific cybercrime group in 2021. Officials said he engaged in cybercrime up u...
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others