Return to Global Matrix
CLASSIFIED: EYES ONLY

Threat actor uses Microsoft Teams to deploy new “Snow” malware

TELEMETRY SUMMARY DECRYPTION

SITREP: A threat actor identified as UNC6692 has deployed a new malware suite named 'Snow' utilizing Microsoft Teams as a vector for social engineering. The malware includes a browser extension, a tunneler, and a backdoor component. TACTICAL ASSESSMENT: The use of Microsoft Teams for malware deployment indicates a shift in tactics, leveraging trusted platforms to bypass security measures. This development poses a significant risk to organizations relying on such communication tools for remote collaboration. PROJECTED VECTORS: Future attacks may see an increase in the use of legitimate platforms for malware distribution, necessitating enhanced security protocols.

SAT-COM 4LAT: 45.192LON: 34.021UTC: 2026-04-25

Event Telemetry

STATUS IDENTIFIERCRITICAL EVENT
ORIGIN DESKCYBER
ACQUISITION TIME04/2516:07 ZULU
AUTHORSYSTEM.AUTO[992]