Hackers exploit Windows Quick Assist for Black Basta ransomware attacks via social engineering and voice phishing.

Hackers have been exploiting the Windows Quick Assist feature in ransomware attacks, using social engineering tactics and voice phishing to deploy the Black Basta ransomware variant. Storm-1811, the malicious actor behind the attacks, begins by flooding victims' inboxes with spam and then impersonates Microsoft technical support or the victim's company IT staff in a call, convincing victims to grant remote access. The attackers then use Quick Assist to install malware and ransomware on the victims' systems.

May 16, 2024
5 Articles