"Windows Quick Assist Anchors Black Basta Ransomware Gambit"

Microsoft Threat Intelligence noted that "Storm-1811," a financially motivated threat actor tracked since mid-April, has been following the same playbook as the recent Black Basta ransomware vishing campaign. The threat group's social engineering campaign tries to trick victims into allowing them to use Windows Quick Assist to access their machines remotely. They do this by posing as trusted contacts, such as Microsoft technical support or an Information Technology (IT) professional from the user's organization. This article continues to discuss the abuse of Windows Quick Assist. 

Dark Reading reports "Windows Quick Assist Anchors Black Basta Ransomware Gambit"

Submitted by grigby1

Submitted by Gregory Rigby on