Storm-0324 Exploits Microsoft Teams Chats Deploying JSSLoader
Threat Level – Red | Vulnerability Report
Download PDFStorm-0324 is a financially motivated threat actor with a history of operations dating back to 2016. This actor has a specialization in facilitating ransomware deployments and providing access to compromised networks and devices to other threat actors. Notably, in 2019, Storm-0324 began its collaboration with FIN7 (aka Sangria Tempest) by delivering its first payload. Starting from July 2023, Storm-0324 has shifted its focus to exploiting MS Teams chats using an open-source tool as part of its cyber activities.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox