Threats Tagged 'a0backdoor'
View all threats tagged with 'a0backdoor'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'a0backdoor'
Click on any threat for detailed analysis and mitigation recommendations
New A0Backdoor Linked to Teams Impersonation and Quick Assist Social Engineering 0 A new backdoor, dubbed A0Backdoor, has been discovered in connection with a campaign using email bombing and IT-support impersonation over Microsoft Teams to gain Quick Assist access. The malware's loader exhibits anti-sandbox evasion techniques, and the campaign's command-and-control has shifted to a covert DNS mail exchange-based channel. This activity is attributed to the threat group Blitz Brigantine, also known as Storm-1811 or STAC5777, and shows similarities to Black Basta-linked social-engineering tactics. The attackers use digitally signed MSI packages, often hosted on Microsoft cloud storage, to deliver their proprietary tooling. The A0Backdoor employs sophisticated techniques such as time-based execution windows, runtime decryption, and DNS tunneling for covert communication. The campaign has been active since August 2025, targeting primarily the finance and health sectors. Join the discussion | AlienVault OTX General | 03/07/2026, 09:44:29 UTC Added: 03/09/2026, 10:51:51 UTC |
Showing 1 to 1 of 1 result