Threat actors are employing a new technique, leveraging website contact forms instead of the usual phishing emails to deliver BazarBackdoor. This helps them bypass detection by security software.
What Is BazarBackdoor?
The BazarBackdoor malware is typically distributed through phishing emails that contain malicious documents. These documents can in turn download and install the malware.
What's new is that, because systems like secure email gateways have improved their detection of malware droppers, hackers are starting to change their tactics too.
BazarBackdoor Is Now Distributed Through Contact Forms
Researchers from Abnormal Security have released a new report in which they describe in detail that the malicious campaign leveraging BazarBackdoor began in December last year. They underlined that the probable purpose was the deployment of Cobalt Strike or ransomware payloads.
Hackers have, however, started to change the way they distribute this type of malware: instead of employing phishing emails, they initiate communication through corporate contact