TeamSpy Malware Returns to Steal Data

A new spam campaign has recently emerged, carrying the TeamSpy data-stealing malware, which can give cyber-criminals full access to a compromised computer.

According to Heimdal Security, many of the victims appear to be ordinary users, but some are high-profile industrial, research or diplomatic targets.

Part of the attackers’ activity is based on misusing the legitimate TeamViewer remote access tool, and it includes a keylogger and a TeamViewer VPN.

The current attack relies on social engineering and careless use to trick victims into installing the TeamSpy malware. The malicious technique used is DLL hijacking, which tricks a legitimate software program into performing unauthorised actions.

First, the victim receives a spam email claiming to have an “eFax” attached. Opening the file activates the accompanying .exe file, which drops the malicious TeamSpy code onto the victim’s computer as a malicious DLL.
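A defender's view of the DLL hijacking step described above, as an added example (not from Heimdal's analysis or the original article): it screens module-load records, such as those Sysmon logs as Event ID 7, for a system DLL name loaded from beside the executable that uses it. The DLL names, paths and sample events are constructed for illustration and are not indicators from this campaign.

```python
import ntpath

# Assumption: a short illustrative list of DLL names that normally load from
# the Windows system directory. Build the real list from a clean image.
SYSTEM_DLLS = {"version.dll", "winmm.dll", "dwmapi.dll"}
SYSTEM_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64")
USER_WRITABLE_HINTS = ("\\appdata\\", "\\temp\\", "\\downloads\\")

def classify(event):
    """Return the reasons an image-load event looks like DLL hijacking."""
    image = event["image"].lower()
    dll_dir, dll_name = ntpath.split(event["loaded"].lower())
    reasons = []
    # Core signal: a system DLL name resolved from somewhere else, which
    # happens when a planted copy wins the DLL search order.
    if dll_name in SYSTEM_DLLS and dll_dir not in SYSTEM_DIRS:
        reasons.append("system DLL name loaded from outside the system directory")
        if dll_dir == ntpath.dirname(image):
            reasons.append("DLL sits beside the executable that loaded it")
    # Supporting signals only raise confidence in an existing finding.
    if reasons and not event["signed"]:
        reasons.append("DLL is unsigned")
    if reasons and any(hint in image for hint in USER_WRITABLE_HINTS):
        reasons.append("executable runs from a user-writable path")
    return reasons

def find_hijack_candidates(events):
    """Return (image, loaded DLL, reasons) for every suspicious event."""
    return [(e["image"], e["loaded"], r) for e in events if (r := classify(e))]

# Constructed sample events: two normal loads and one side-loaded DLL.
SAMPLE_EVENTS = [
    {"image": r"C:\Program Files\TeamViewer\TeamViewer.exe",
     "loaded": r"C:\Windows\System32\version.dll", "signed": True},
    {"image": r"C:\Users\alice\AppData\Roaming\efax\TeamViewer.exe",
     "loaded": r"C:\Users\alice\AppData\Roaming\efax\version.dll",
     "signed": False},
    {"image": r"C:\Program Files\TeamViewer\TeamViewer.exe",
     "loaded": r"C:\Program Files\TeamViewer\helper.dll", "signed": True},
]

if __name__ == "__main__":
    for image, dll, reasons in find_hijack_candidates(SAMPLE_EVENTS):
        print(f"{image} loaded {dll}: " + "; ".join(reasons))
```
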

From there, a TeamViewer session started by the attackers will be invisible to the victim. This can lead to numerous forms of abuse against the services that the logged-in user runs on their computer.

The attack can also circumvent two-factor authentication and give cyber-criminals access to encrypted content that users have decrypted on their compromised computers.

“We highly recommend that you carefully analyse unwanted emails that you receive and that you don’t download email attachments from unknown senders,” said Andra Zaharia, security evangelist at Heimdal, in an analysis. “Malware can disguise itself in many forms on the web, and all it takes is one click to trigger an infection.”

Infosecurity Magazine
