BazarLoader malware actors have started working with underground call centres to fool targets of their spamming campaign by making them open corrupted Office files and corrupting their devices with malware. It's not the first time when underground call centres and the hacking group have come up to work together, however, it's the first time when the likes of the BazarLoader gang, a major Malware distributer, have used this technique on such a massive scale.
How it took place?
The recent attacks have been very unique from the general malware scenario of today, the attackers have their own identities, normally known as BazaCall or BazarCall, the reason being they depend upon telephone calls to conduct their infiltration. Currently, the attack techniques that these hackers use are simple and yet effective. The group (BazarLoader) initiates the malware campaign by sending spam campaigns to specific targets. To attract the attention of the users, the email baits the victims through offers, subscriptions, free trials, etc.
The email also consists of details for users to call a specific number that is mentioned in the mail to know more about the offer. If the victim dials the mentioned number, they are redirected to a call centre, here, a supposed operator tells directs the victim into downloading an office file, tells the user to disable the office security features, and run an excel or word file which allows hackers to run macros (automated scripts), that is used to download and install the malware in victims' device. Thanks to cybersecurity expert Brad Duncan, the phone recordings of one of the call centres involved are available.
Targets include hig ..
Support the originator by clicking the read the rest link below.
