Two new, and relatively complex, phishing campaigns have been spotted using popular online collabotation tools to lure victims from high-value targets into downloading a malicious loader.
According to researchers from Sophos, criminals started using Slack and BaseCamp to target specific people within organizations and get them to download the BazarLoader malware.
A loader is a gateway program that, when installed, allows the attackers to install the actual malware in the second stage of the attack. At that point, they could install whatever they wanted, from ransomware to data miners and everything in between.
