Malware
Bleeping Computer
9.0 — CRITICAL
Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a browser extension, a tunneler, and a backdoor. [...]
🤖 AI Briefing: Auto-generated threat analysis
🔍 Threat Overview
A threat actor, tracked as UNC6692, used social engineering tactics via Microsoft Teams to deploy a custom malware suite called 'Snow' that includes a browser extension, tunneler, and backdoor to steal sensitive data after compromising the network.
⚙️ Technical Details
Affected Systems
Microsoft Edge
Attack Vectors
Email bombing
Quick Assist remote access tool
AutoHotkey scripts
Remote desktop protocol (RDP)
💥 Impact Assessment
Severity: critical
Who Is at Risk
Organizations with Microsoft Teams and compromised networks, particularly those in the finance and government sectors.
🛡️ Recommended Actions
1. Implement strict email filtering and blocking policies to prevent email bombing attacks.
2. Disable the Quick Assist remote access tool and limit remote desktop protocol (RDP) access to trusted users only.
3. Regularly monitor network activity for suspicious behavior and implement intrusion detection systems.
📦 Affected Products
Microsoft Teams
AutoHotkey scripts
This is a curated summary. The complete article is available at Bleeping Computer.
