Microsoft says this new malware could bankrupt your business

BazaCall scam lacks tell-tale signs, which makes it a challenge to identify


Cybersecurity experts at Microsoft are warning Office users of an elaborate new malware campaign that involves fake subscriptions and fraudulent call centers.

Researchers at Microsoft Security Intelligence (MSI), who are actively tracking the campaign dubbed BazaCall, warn that the eventual goal of the threat actors is to deploy ransomware.

“We’re tracking an active BazaCall malware campaign leading to human-operated attacks and ransomware deployment,” MSI shared via its official Twitter account.

The team added that the campaign gets its name from the BazaLoader malware that it seeks to deploy.

Ongoing campaign

Describing how the attack works, MSI notes that the campaign takes its inspiration from the traditional tech-support scam: it first uses emails to lure recipients into calling a number to cancel their supposed subscription to a particular service.

Once the unsuspecting user is talking to the threat actors at the fraudulent call center, they are instructed to download an Excel file in order to cancel the service. MSI says that this Excel file contains a malicious macro that downloads the BazaLoader malware.

MSI says that while Microsoft 365 Defender is equipped to identify and defend against such spurious emails, it is the lack of any tell-tale malicious elements in the emails that is currently proving to be a challenge.

Even as it continues to study the ongoing campaign in detail, the MSI team has shared advanced hunting queries to help IT and cybersecurity staff identify signs of the campaign, including the fraudulent emails, in order to nip the attack in the bud.
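Because the lure emails carry no link or attachment to scan, a mail triage rule has to key on what is present instead: a phone number plus subscription-cancellation wording. The sketch below is an added example, not MSI's hunting queries or code from the article; the `triage` function, the keyword list, the regular expressions and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Assumed lure vocabulary: the article only says the emails ask recipients
# to call a number to cancel a supposed subscription.
LURE_TERMS = re.compile(r"\b(subscription|trial|renew\w*|cancel\w*|charged?)\b", re.I)
PHONE = re.compile(r"(?<!\d)(?:\+?\d{1,2}[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)")
URL = re.compile(r"https?://|www\.", re.I)

# Constructed sample messages (not taken from the campaign).
LURE_SAMPLE = (
    "From: billing@example.test\n"
    "Subject: Your trial is ending\n"
    "Content-Type: text/plain; charset=utf-8\n"
    "\n"
    "Your premium subscription will be charged $89.99 tomorrow.\n"
    "To cancel, call (800) 555-0142.\n"
)
BENIGN_SAMPLE = (
    "From: news@example.test\n"
    "Subject: Monthly newsletter\n"
    "Content-Type: text/plain; charset=utf-8\n"
    "\n"
    "Manage your subscription at https://example.test/account or cancel anytime.\n"
)

def triage(raw: str) -> dict:
    """Return the callback-lure signals found in one RFC 5322 message."""
    msg = message_from_string(raw)
    text_parts, attachments = [], 0
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_content_disposition() == "attachment" or part.get_filename():
            attachments += 1
        elif part.get_content_maintype() == "text":
            payload = part.get_payload(decode=True) or b""
            text_parts.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    body = msg.get("Subject", "") + "\n" + "\n".join(text_parts)
    signals = {
        "phone_number": bool(PHONE.search(body)),
        "lure_terms": len({m.lower() for m in LURE_TERMS.findall(body)}) >= 2,
        "no_urls": not URL.search(body),        # nothing for a URL scanner to inspect
        "no_attachments": attachments == 0,     # nothing for an attachment sandbox to inspect
    }
    # All four together describe the "clean-looking" callback lure; route to review, not block.
    signals["flag_for_review"] = all(signals.values())
    return signals

if __name__ == "__main__":
    print(triage(LURE_SAMPLE))
```

Legitimate billing notices can match the same pattern, so the output is a prioritisation signal for an analyst queue rather than a verdict.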

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.