With the growth in cyberattacks, people are increasingly aware of the common tactics used by adversaries. What we find particularly interesting is the evolution of the social engineering tactics of BazarCall.

Evolution of BazarCall Social Engineering Tactics

As nicely defined in this article by Microsoft:

BazarCall campaigns forgo malicious links or attachments in email messages in favor of phone numbers that recipients are misled into calling. It’s a technique reminiscent of vishing and tech support scams where potential victims are being cold called by the attacker, except in BazarCall’s case, targeted users must dial the number. And when they do, the users are connected with actual humans on the other end of the line, who then provide step-by-step instructions for installing malware into their devices.

BazarCall campaigns first came into the limelight in late 2020 and since then Trellix has seen a constant increase in attacks pertaining to this campaign. It was initially found to be delivering BazaarLoader (backdoor) which was used as an entry point to deliver ransomware. For those interested in more details about BazaarLoader, this article by “The DFIR Report” contains a comprehensive explanation of how a BazaarLoader infection led to the installation of Conti Ransomware in a span of 32 hours.

As the BazarCall campaign grew, it was also found to be delivering other malware such as Trickbot, Gozi ISFB, IcedID and more.