Email Bombs and Fake Tech Support: The Ransomware Comedy Duo Strikes Again!

Sophos X-Ops’ Managed Detection and Response warns of ransomware attacks using email bombing and vishing through Microsoft Office 365. These tactics, linked to threat groups STAC5143 and STAC5777, involve impersonating tech support and overwhelming Outlook mailboxes. Sophos urges organizations to restrict Teams calls from outside to combat these threats.

3P
Published: January 21, 2025 10:08 pmAdded: January 21, 2025 at 2:33 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

When it comes to cybercrime, these threat groups are like bad actors in a soap opera – always recycling old scripts, but somehow still managing to surprise us with their sheer audacity. Microsoft Office 365 users, brace yourselves for a plot twist: your email might just star in an unwanted spam sequel!

Key Points:

  • Sophos X-Ops warns about two threat groups using ransomware and vishing via Microsoft Office 365.
  • Threat groups STAC5143 and STAC5777 are under investigation by Microsoft.
  • Attackers use tools like Quick Assist and Teams screen sharing for taking control of devices.
  • Email bombing is employed to overwhelm Outlook mailboxes.
  • Ransomware types involved include Black Basta and Python ransomware.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?