MetaStealer and Teams Phishing


Mac-Based MetaStealer

by Artie Kaye

This info-stealing malware is spread through social engineering.  Attackers will pose as clients and send Trojan horse files—such as an installer that has the icon of a PDF—in hopes that the user will open it.  As of this writing, the Apple anti-malware software does not detect this.  While the program will run natively on only Intel processor machines, it can gain a foothold when used in conjunction with Rosetta.  The main target of this campaign are businesses, and has the intent to steal passwords and important data on the infected devices.

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)


Microsoft Teams Phishing

by Artie Kaye

A campaign is using compromised Office accounts to proliferate a malware install file.  The guise of a vacation schedule update has been reported as a common tactic.  Microsoft has addressed some of these concerns on the software end, changing how outside users in a group are seen, and shutting down accounts known to have been involved in the spread. 

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)