Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
Tags
attack-pattern: Data Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Tool - T1588.002 Vulnerabilities - T1588.006 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID cf3d7470-adb3-40dc-8536-2e2357b398fc
Fingerprint 2cc3b999ba13d369
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 25, 2024, midnight
Added to db Oct. 25, 2024, 11:29 p.m.
Last updated Nov. 15, 2024, 12:44 p.m.
Headline Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
Title Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
Detected Hints/Tags/Attributes 28/1/8
Source URLs
Redirection Url
Details Source https://www.bleepingcomputer.com/news/security/black-basta-ransomware-poses-as-it-support-on-microsoft-teams-to-breach-networks/
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 279 BleepingComputer https://www.bleepingcomputer.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 13 
securityadminhelper.onmicrosoft.com
Details Domain 14 
supportserviceadmin.onmicrosoft.com
Details Domain 12 
supportadministrator.onmicrosoft.com
Details Domain 12 
cybersecurityadmin.onmicrosoft.com
Details Domain 5 
qr-s1.com
Details File 7 
antispamaccount.exe
Details File 7 
antispamupdate.exe
Details File 8 
antispamconnectus.exe