DarkGate Malware Abusing Cloud Storage & SEO Following Delivery Over Teams

From gbhackers.com

DarkGate loader delivery surged after the Qakbot takedown, with financially motivated actors like TA577 and ransomware groups (BianLian, Black Basta) using it to target financial institutions (US, Europe) for double extortion. 

It establishes an initial foothold and deploys info-stealers, ransomware, and remote access tools to maximize data exfiltration and extortion gains by utilizing legitimate channels (DoubleClick ads, cloud storage) and phishing emails for distribution. 

Read more…