The Bitdefender MDR team observed activity associated with a social engineering campaign that targets commonly used software: Microsoft Teams and Quick Assist. This blog includes information from the MDR team’s latest analysis. Bitdefender is releasing it to the public to support information sharing efforts.

Threats that abuse Microsoft Teams and Quick Assist have persisted for more than three months. However, in these instances, the successful infiltration of a victim environment does not result from executing malicious code or brute forcing a device with administrator level access. Instead, the threat actor only needs to manipulate a user’s trust to take control of the victim’s system and set the stage for the next compromise.