May 11, 2021

Volume XI, Number 131

Advertisement

May 11, 2021

Subscribe to Latest Legal News and Analysis

May 10, 2021

Subscribe to Latest Legal News and Analysis

Cisco/Talos Researchers Find Attackers Using Slack and Discord to Distribute Malware

Another example of the resiliency and creativity of cyber-attackers is outlined in a new blog by Cisco/Talos researchers, which outlines how, over the past year, and in particular as a result of the migration from work at the office to work from home during the pandemic, cyber-attackers are using collaboration platforms like Slack and Discord to distribute malware to unsuspecting victims.

According to the blog:

  • As telework has become the norm throughout the COVID-19 pandemic, attackers are modifying their tactics to take advantage of the changes to employee workflows.

  • Attackers are leveraging collaboration platforms, such as Discord and Slack, to stay under the radar and evade organizational defenses.

  • Collaboration platforms enable adversaries to conduct campaigns using legitimate infrastructure that might not be blocked in many network environments.

  • Remote Access Trojans (RATs), information stealers, internet-of-things malware and other threats are leveraging collaboration platforms for delivery, component retrieval and command and control communications.

In sum, the collaboration rooms and platforms are being used to “spread traditional malspam lures used to infect victims.” They are using the platforms to “circumvent perimeter security controls and maximize infection capabilities.” They are being used during three phases of malware attacks, including delivery, component retrieval, and C2 and data exfiltration. They are also being used for social engineering campaigns.

If your organization is using collaboration platforms, it is important to let your IT professionals and employees know about the malicious use of these platforms so they can use good cyber- hygiene to avoid causing an incident in the same way as a phishing or social engineering scheme. The same tools that they use to identify malicious emails or texts should be used with these collaboration platforms. Providing education on these schemes and uses of legitimate business platforms is the first defense to preventing an incident.

 

Advertisement
Copyright © 2021 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XI, Number 105
Advertisement
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement

About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence
Partner

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...

401-709-3353
Advertisement
Advertisement