Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Microsoft Alerts on Storm-0324 Phishing

September 14, 2023
Reading Time: 2 mins read
in Alerts

Microsoft has issued a warning about a new phishing campaign known as Storm-0324 that uses Microsoft Teams messages to infiltrate corporate networks. This campaign, also referred to as TA543 and Sagrid, marks a shift away from email-based infection methods, using open-source tools and malicious links within Teams chats to distribute various payloads, including ransomware and trojans.

Furthermore, Storm-0324 operates as a payload distributor, offering services to propagate these payloads using evasive infection chains, such as downloaders, banking trojans, and modular toolkits like Nymaim and TrickBot. The malware‘s access provides a gateway for the ransomware-as-a-service actor Sangria Tempest to conduct post-exploitation actions and deploy file-encrypting malware.

In past attacks, Storm-0324 employed deceptive invoice- and payment-themed email messages to trick users into downloading ZIP archive files distributing malware like JSSLoader.

The actor behind Storm-0324 uses highly evasive techniques, including traffic distribution systems like BlackTDS and Keitaro, to evade detection and successfully redirect victims to malicious download sites. Microsoft has suspended accounts associated with fraudulent behavior and implemented security enhancements to mitigate this threat.

Additionally, in addition to the Storm-0324 warning, Kaspersky detailed the tactics, techniques, and procedures of the ransomware group known as Cuba, which employs a double extortion business model to attack companies globally.

Ransomware attacks have surged in 2023, with the U.K. National Cyber Security Centre and National Crime Agency emphasizing the importance of robust cybersecurity practices, as most ransomware incidents result from poor cyber hygiene and opportunistic initial access.

Reference:
  • Malware distributor Storm-0324 facilitates ransomware access
Tags: Cyber AlertCyber Alerts 2023CybersecurityMicrosoftMicrosoft TeamsPhishingSagridSeptember 2023Storm-0324TA543Vulnerabilities
ADVERTISEMENT

Related Posts

Fake DocuSign Alerts Target Corporate Logins

Fake DocuSign Alerts Target Corporate Logins

May 28, 2025
Fake DocuSign Alerts Target Corporate Logins

Fake Bitdefender Site Spreads Venom Malware

May 28, 2025
Fake DocuSign Alerts Target Corporate Logins

Microsoft Void Blizzard Cyber Threat Alert

May 28, 2025
GhostSpy Android Malware Full Device Control

FBI Warns Luna Moth Targets US Law Firms

May 27, 2025
GhostSpy Android Malware Full Device Control

Winos 4.0 Malware Spread Via Fake Installers

May 27, 2025
GhostSpy Android Malware Full Device Control

GhostSpy Android Malware Full Device Control

May 27, 2025

Latest Alerts

Microsoft Void Blizzard Cyber Threat Alert

Fake DocuSign Alerts Target Corporate Logins

Fake Bitdefender Site Spreads Venom Malware

FBI Warns Luna Moth Targets US Law Firms

Winos 4.0 Malware Spread Via Fake Installers

GhostSpy Android Malware Full Device Control

Subscribe to our newsletter

    Latest Incidents

    Migos IG Hack Blackmails Solana Cofounder

    Tiffany & Co. Faces Data Breach Incident

    MathWorks Crippled by Ransomware Attack

    Everest Ransomware Leaks Coke Staff Data

    Adidas Data Breach Exposes Customer Contacts

    Semiconductor Firm AXT Hit by Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial