Feb. 02, 2024 at 7:09 pm

DarkGate Malware Emerges in Microsoft Teams: A Cloud-Centric Threat Landscape and the Urgency for Enhanced Cloud Security in 2024

CXOtoday News Desk4 months agoFebruary 2, 2024

Paolo Passeri, Cyber Intelligence Specialist at Netskope said:

“The DarkGate malware was developed in 2017 and traded as MaaS (Malware-as-a-Service). The campaign has made headlines recently after being discovered in chat groups on Microsoft Teams, which has 280 million users per month. While the DarkGate Loader was originally distributed via phishing emails, last year attackers evolved their attack methodology and started to exploit several cloud services for distribution. This is not the first time it’s been active in Microsoft Teams – in August last year DarkGate used Teams to deliver its payload (which was hosted on a Microsoft SharePoint site).

The important thing to note is that this latest development is completely in line with the wider trend of threat actors using cloud applications at multiple points within the kill chain of their attack. Cloud applications enable a flexible malicious payload, and a flexible cloud infrastructure to deliver it. 46% of malware was delivered from the cloud in December 2023, so it is no surprise that threat actors constantly seek out an increasingly complex attack chain where multiple legitimate services are chained with the sole purpose to lure the victims to download the malicious payload, and to evade the legacy web (and email) security technologies that are not instance-aware, not suited to inspect SSL traffic at scale, and hence blind to the context.

Organisations must ensure cloud security is at the top of their list for tactical security priorities for 2024, because attackers are going to continue to take advantage of any security gaps.”

About Paolo Passeri, Cyber Intelligence Specialist at Netskope:

Paolo supports Netskope’s customers in protecting their journey to the cloud and is a security professional, with 20+ years experience in the infosec industry. He is the mastermind behind hackmageddon.com, a blog detailing timelines and statistics of all the main cyber-attacks occurred since 2011. It is the primary source of data and trends of the threat landscape for the Infosec community.

add a comment

CXOtoday is a premier resource on the world of IT, relevant to key business decision makers. We offer IT perspective & news to the C-suite audience. We also provide business and technology news to those who evaluate, invest, and manage the IT infrastructure of organizations. CXOtoday has a well-networked and strong community that encourages discussions on what’s happening in the world of IT and its impact on businesses.

Useful Links

Information

Connect

DarkGate Malware Emerges in Microsoft Teams: A Cloud-Centric Threat Landscape and the Urgency for Enhanced Cloud Security in 2024

MATH Forges Strategic Partnerships with 50+ Universities, Fueling Innovation in AI and ML at Mathademia 2024

Ethics and Compliance: The Foundation of Sustainable Business Practices

The Next Wave of FinTech: Trends and Transformations

Weathering the Storm: How Parametric Insurance Shields Businesses from Climate Change

MATH Forges Strategic Partnerships with 50+ Universities, Fueling Innovation in AI and ML at Mathademia 2024

ideaForge announces Flyght Cloud platform, revolutionizing Drone Data Analytics

DPIIT organizes ONDC Startup Mahotsav in New Delhi; platform for startups to leverage Open Network for Digital Commerce

Tenable Warns That Kinsing Malware Is Exploiting Apache Tomcat Servers With New Advanced Stealth Techniques

Retail Distribution and Solutions Company, Channelplay achieves a remarkable growth of 23% in Q1’24

You Might Also Like