Attackers combine spam floods with fake IT support
Victims tricked into Quick Assist sessions deploying A0Backdoor
Malware enables full account takeover and remote code execution
Cybercriminals are using a new combination of spam and IT support impersonation to deploy malware and take over corporate devices, experts have warned.Security researchers at BlueVoyant found cybercriminals would start their attack by flooding their victim’s email inbox with spam. Not long after, they would reach out to that victim, claiming to be an IT support technician tasked with solving the spam problem.
Then, they would ask the victim to start a Quick Assist remote session, through which they temporarily gain access to the target computer.
There, under the pretense of “solving the spam problem”, they would deploy a piece of malware called A0Backdoor.