‘FakeUpdates’ Malware Campaign – 2020 Nov 13th

In Cyber Security by Matsco Engineering Team

 

Matsco Solutions is aware of FakeUpdates campaigns discovered by security researchers.

According to public information provided by BleepingComputer, Microsoft is warning its customers about the so-called “FakeUpdates” campaigns in a non-public security advisory. Attackers in the latest FakeUpdates campaign are using search-engine ads to push top results for Teams software to a domain that they control and use for fake Microsoft Teams updates. These fake updates deploy backdoors, which use Cobalt Strike to infect companies’ networks with malware. If victims click on the link, it downloads a payload that executes a PowerShell script, which loads malicious content.

Matsco Solutions recommends that organizations take the following security measures, where applicable, and raise awareness widely of malware masquerading as legitimate applications such as Microsoft Teams.

  • Use web browsers that can filter and block malicious websites
  • Verify that websites and sender addresses belong to the legitimate vendor before clicking any links to download executable content
  • Ensure Anti-Virus/Anti-Malware programs and signatures are up to date
  • Follow the principle of "Least Privilege" to limit the potential damage of infections
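
One way to automate the "verify the website belongs to the legitimate vendor" check for download links, for example in a proxy rule or a help-desk triage script. This is an added example, not part of the original advisory; the domain allowlist, the function name and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: each organisation maintains its own list of vendor download
# domains. These entries are illustrative and do not come from the advisory.
VENDOR_DOMAINS = {"microsoft.com", "office.com"}


def is_vendor_download(url, allowed=VENDOR_DOMAINS):
    """Return (ok, reason) for a link that offers an installer or update."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme != "https":
        return False, "not HTTPS"
    # https://vendor.com@other.host/ displays the vendor name but connects
    # to other.host, so any userinfo component is rejected outright.
    if parts.username is not None or parts.password is not None:
        return False, "credentials in URL hide the real host"
    if not host:
        return False, "no host"
    # Internationalised names can render as near-copies of a vendor domain.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "internationalised (possible lookalike) host"
    # Match the registered domain on a label boundary, never as a substring:
    # "teams.microsoft.com.cdn.example" and "notmicrosoft.com" must both fail.
    for domain in allowed:
        if host == domain or host.endswith("." + domain):
            return True, "host belongs to " + domain
    return False, "host is not a listed vendor domain"


# Constructed sample links; the .example hosts are reserved placeholders.
SAMPLES = [
    "https://www.microsoft.com/en-us/microsoft-teams/download-app",
    "https://teams.microsoft.com.update-check.example/Teams_Setup.exe",
    "https://microsoft.com@downloads.example/Teams_Setup.exe",
    "http://www.microsoft.com/Teams_Setup.exe",
    "https://notmicrosoft.com/Teams_Setup.exe",
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, reason = is_vendor_download(link)
        print("ALLOW" if ok else "BLOCK", link, "-", reason)
```

A passing result only confirms where the link points; the downloaded file still needs the usual anti-malware scanning.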

 

For further information, please refer to the information released by the public security research community:

https://www.bleepingcomputer.com/news/security/fake-microsoft-teams-updates-lead-to-cobalt-strike-deployment/

Please contact the Matsco Solutions team using the details below if you would like any further information.

support@matscosolutions.com

Beijing  +86 400 120 2782
Hong Kong  +852 8101 8418
London   +44 (0)20 7821 4950
New York  +1 866 446 9226
Singapore  +65 6100 1090
