Fake IT support calls on Microsoft Teams push EtherRAT malware
8 Articles
8 Articles
Fake IT bods on Microsoft Teams coax workers into installing malware
Cybercriminals are using fake IT support calls on Microsoft Teams to persuade employees to surrender control of their PCs before installing the EtherRAT remote access trojan, according to researchers at Palo Alto Networks' Unit 42. Victims receive a phishing email disguised as an employee survey before a follow-up Microsoft Teams call from someone claiming to be IT support. During the call, the attacker persuades the target to hand over remote c…
Fake IT support calls on Microsoft Teams push EtherRAT malware
Threat actors are abusing Microsoft Teams voice calls by impersonating corporate IT support staff to trick employees into installing the EtherRAT malware, giving attackers initial access to corporate networks. [...]
Fake Microsoft Teams IT Support Calls Used to Spread EtherRAT Malware
Copyright protected content copied from PhoneWorld website. Cybersecurity researchers have uncovered a new attack campaign in which cybercriminals use fake Microsoft Teams support calls to infect company computers with a dangerous malware known as EtherRAT. The attackers pretend to be members of an organization’s IT department and convince employees to give them remote access to their devices. The campaign was recently identified by Palo Alto Ne…
Hackers Abuse Cross-Tenant Teams Chat to Deliver EtherRAT Through Malicious MSI Loader
A coordinated social-engineering campaign observed in late June 2026 combined email phishing with an abused Microsoft Teams cross‑tenant chat to deliver a sophisticated EtherRAT implant via a malicious MSI loader. Initial access began with a targeted email masquerading as internal communication: an “Employee Survey” HTML message containing a PDF lure. When the victim opened the […] The post Hackers Abuse Cross-Tenant Teams Chat to Deliver EtherR…
Cybercriminals are increasingly using Microsoft teams for their purposes. In recent times, there are mainly incidents in which they claim to be employees of IT support. For this purpose, they set up special chats with alleged IT support requests in order to gain access to the enterprise systems by means of real-time social engineering. As a rule, such an attack begins with the misuse of external collaboration functions in Microsoft teams. The at…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium



