Microsoft has recently uncovered a malware campaign that tricks victims into downloading BazaLoader malware, which then gives hackers remote hands-on-keyboard access. As of now, the campaign is reported to be limited to countries with large populations of non-native English speakers, and it might soon widen its reach.
The Microsoft 365 Defender Threat Intelligence Team says that the attack is being launched through BazaCall, in which hackers email victims about an emergency and urge them to download BazaLoader malware disguised as an application that is in fact a scam app.
Sometimes the email body is filled with material related to culinary skills, cooking tips, or photos and images relevant to them. At other times, the email carries an attached document that poses as a confirmation receipt for a purchased software license.
As the malware isn’t being distributed through malicious URLs or files in the email body, it becomes tough for anti-malware solutions to detect BazaLoader.
Countries in Asia and the Middle East are said to be on the current radar of those distributing BazaLoader, and the malware campaign might soon spread to Western countries such as the United States, Canada and the UK.
Note: Until now, we have seen malware being distributed through email links or attachments. But now, Microsoft Defender SmartScreen has flagged BazaLoader as a different kind of malicious software that has the potential to be customized to the requirements of hackers.