Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Microsoft Alerts on Storm-0324 Phishing

September 14, 2023
Reading Time: 2 mins read
in Alerts

Microsoft has issued a warning about a new phishing campaign known as Storm-0324 that uses Microsoft Teams messages to infiltrate corporate networks. This campaign, also referred to as TA543 and Sagrid, marks a shift away from email-based infection methods, using open-source tools and malicious links within Teams chats to distribute various payloads, including ransomware and trojans.

Furthermore, Storm-0324 operates as a payload distributor, offering services to propagate these payloads using evasive infection chains, such as downloaders, banking trojans, and modular toolkits like Nymaim and TrickBot. The malware‘s access provides a gateway for the ransomware-as-a-service actor Sangria Tempest to conduct post-exploitation actions and deploy file-encrypting malware.

In past attacks, Storm-0324 employed deceptive invoice- and payment-themed email messages to trick users into downloading ZIP archive files distributing malware like JSSLoader.

The actor behind Storm-0324 uses highly evasive techniques, including traffic distribution systems like BlackTDS and Keitaro, to evade detection and successfully redirect victims to malicious download sites. Microsoft has suspended accounts associated with fraudulent behavior and implemented security enhancements to mitigate this threat.

Additionally, in addition to the Storm-0324 warning, Kaspersky detailed the tactics, techniques, and procedures of the ransomware group known as Cuba, which employs a double extortion business model to attack companies globally.

Ransomware attacks have surged in 2023, with the U.K. National Cyber Security Centre and National Crime Agency emphasizing the importance of robust cybersecurity practices, as most ransomware incidents result from poor cyber hygiene and opportunistic initial access.

Reference:
  • Malware distributor Storm-0324 facilitates ransomware access
Tags: Cyber AlertCyber Alerts 2023CybersecurityMicrosoftMicrosoft TeamsPhishingSagridSeptember 2023Storm-0324TA543Vulnerabilities
ADVERTISEMENT

Related Posts

FreeDrain Phishing Steals Crypto Funds

FBI Warns Cybercriminals Exploit Routers

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

X Scam Targets Crypto Users with Fake Ads

May 9, 2025
FreeDrain Phishing Steals Crypto Funds

FreeDrain Phishing Steals Crypto Funds

May 9, 2025
COLDRIVER Hackers Target Sensitive Data

COLDRIVER Hackers Target Sensitive Data

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

May 8, 2025
COLDRIVER Hackers Target Sensitive Data

CoGUI Targets Consumer and Finance Brands

May 8, 2025

Latest Alerts

X Scam Targets Crypto Users with Fake Ads

FBI Warns Cybercriminals Exploit Routers

FreeDrain Phishing Steals Crypto Funds

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

Subscribe to our newsletter

    Latest Incidents

    LockBit Ransomware Data Leaked After Hack

    Spanish Consumer Group Faces Cyberattack

    Education Giant Pearson Hit by Data Breach

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial