DarkGate Opens Organizations for Attack via Skype, Teams

From July through September, we noticed the DarkGate campaign (detected by Trend Micro as TrojanSpy.AutoIt.DARKGATE.AA) exploiting instant messaging systems to transmit a VBA loader script to victims. This script downloaded and executed a second-stage payload consisting of an AutoIT script containing the DarkGate malware code. It’s unclear how the original accounts of the instant messaging apps were hijacked.

DarkGate has been somewhat inactive in recent years. However, additional campaign deployments have been spotted this year, as reported by Truesec and MalwareBytes. We discovered that the majority of DarkGate attacks were detected in the Americas region, followed by Asia, the Middle East, and Africa.

DarkGate Opens Organizations for Attack via Skype, Teams

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

DarkGate Opens Organizations for Attack via Skype, Teams

12-Oct-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address