New reports are finding that malware (a form of virus) is being spread through website contact forms, using the same attacks typically executed via phishing emails. This angle lets the attacker evade typical security software, which is concentrated heavily around email. The aim of any type of malware is to gain access to a device, which then allows the attacker to move within a network, causing all sorts of havoc.
BazarBackdoor is an extremely stealthy type of backdoor malware developed by a team called the TrickBot Group. It has historically been spread through email, but advances in security have forced these groups to find new methods of distribution and attack.
How does it work?
- A website contact form is compromised (commonly corporate forms)
- The attackers pose as employees
- Completed contact form requests are met with a reply from the attackers
- The reply delivers file(s) containing malicious software for download (usually using TransferNow or WeTransfer)
- Downloading these files causes significant harm to the users' devices and organisational network(s)
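A defender-side check for the delivery step in the list above, as an added example that is not part of the original article: it parses an inbound message and returns any links that point at the file-transfer services named there. The hostnames, function names and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Assumed hostnames for the two services the article names; extend as needed.
FILE_TRANSFER_HOSTS = {"wetransfer.com", "we.tl", "transfernow.net"}
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

# Constructed sample: a reply in a contact-form thread carrying a transfer link.
SAMPLE_REPLY = """From: "Accounts" <sender@example.org>
To: webform@example.com
Subject: Re: Your contact form enquiry
Content-Type: text/plain; charset=utf-8

Hello, the documents you asked about are here:
https://we.tl/t-EXAMPLE0000
Regards
"""

# Constructed sample: a look-alike host that must not match.
SAMPLE_LOOKALIKE = SAMPLE_REPLY.replace(
    "https://we.tl/t-EXAMPLE0000", "https://wetransfer.com.example.net/download"
)


def _text_parts(msg):
    """Yield the decoded text/plain and text/html bodies of a message."""
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html"):
            payload = part.get_payload(decode=True) or b""
            yield payload.decode(part.get_content_charset() or "utf-8", "replace")


def file_transfer_links(raw_email):
    """Return URLs in the message whose host is a listed file-transfer service."""
    hits = []
    for body in _text_parts(message_from_string(raw_email)):
        for url in URL_RE.findall(body):
            try:
                host = (urlsplit(url).hostname or "").lower()
            except ValueError:  # malformed URL, nothing to match on
                continue
            # Match the listed domain or a subdomain of it, never a suffix trick.
            if any(host == d or host.endswith("." + d) for d in FILE_TRANSFER_HOSTS):
                hits.append(url)
    return hits
```

A hit is a triage signal for messages arriving in contact-form threads, not proof of malice, since both services are widely used for legitimate transfers.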
Protecting every point of your organisation's digital footprint is critical, as your cyber security is only as strong as its weakest link.
Contact our team to discuss protecting your stakeholders today.