DragonForce Abuses Microsoft Teams C2 Traffic
🟠 High | Source: The Hacker News The DragonForce ransomware group has deployed a custom Go-based backdoor, Backdoor.Turn, that tunnels command-and-control traffic through Microsoft Teams relay infrastructure to evade detection. By blending malicious traffic with legitimate Teams communications, the group makes it significantly harder for defenders to identify or block C2 activity. The technique was observed in an attack against a major US services organisation, flagged by Symantec and Carbon Black. ...