DarkGate Malware Exploits Messaging Services to Infect Organizations

DarkGate malware is being spread through instant messaging platforms such as Skype and Microsoft Teams, using a Visual Basic for Applications (VBA) loader script disguised as a PDF document. When opened, the script triggers the download and execution of an AutoIt script that launches the malware. How the accounts used in the attacks were compromised is unclear, but leaked credentials or previous compromises are suspected. DarkGate is a commodity malware that harvests sensitive data, conducts cryptocurrency mining, and allows remote control of infected hosts. Social engineering campaigns distributing the malware have increased, leveraging tactics such as phishing emails and SEO poisoning. The attacks have been detected primarily in the Americas, followed by Asia, the Middle East, and Africa.

- DarkGate Malware Spreading via Messaging Services Posing as PDF Files (The Hacker News)
- DarkGate malware spreads through compromised Skype accounts (BleepingComputer)
- DarkGate Operator Uses Skype, Teams Messages to Distribute Malware (Dark Reading)
- DarkGate Opens Organizations for Attack via Skype, Teams (Trend Micro)