Threat actor uses Microsoft Teams to deploy new “Snow” malware

SITREP: A threat actor identified as UNC6692 has deployed a new malware suite named 'Snow' utilizing Microsoft Teams as a vector for social engineering. The malware includes a browser extension, a tunneler, and a backdoor component. TACTICAL ASSESSMENT: The use of Microsoft Teams for malware deployment indicates a shift in tactics, leveraging trusted platforms to bypass security measures. This development poses a significant risk to organizations relying on such communication tools for remote collaboration. PROJECTED VECTORS: Future attacks may see an increase in the use of legitimate platforms for malware distribution, necessitating enhanced security protocols.