{"id":53628,"date":"2023-09-11T17:33:22","date_gmt":"2023-09-11T17:33:22","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34996\/Microsoft-Teams-Used-To-Spread-Burgeoning-DarkGate-Malware.html"},"modified":"2023-09-11T17:33:22","modified_gmt":"2023-09-11T17:33:22","slug":"microsoft-teams-used-to-spread-burgeoning-darkgate-malware","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/","title":{"rendered":"Microsoft Teams Used To Spread Burgeoning DarkGate Malware"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/09\/darkgate-e1694441061201.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Researchers have seen a spike in the distribution of DarkGate, a sophisticated malware most recently spread through a phishing campaign using compromised Microsoft Teams accounts.<\/p>\n<p>Although <a href=\"https:\/\/www.scmagazine.com\/news\/darkgate-password-stealer-could-open-up-world-of-hurt-for-windows-users\" target=\"_blank\" rel=\"noreferrer noopener\">DarkGate\u2019s history<\/a> dates back to late 2017, it was relatively unknown until the middle of this year when distribution of an enhanced version of the malware was observed through email phishing and malvertising campaigns.<\/p>\n<p>The burgeoning activity has been linked to an attempt by the malware\u2019s developer to expand their affiliate network, offering DarkGate as part of a ransomware-as-a-service for $100,000 a year.<\/p>\n<p>In a <a href=\"https:\/\/www.truesec.com\/hub\/blog\/darkgate-loader-delivered-via-teams\" target=\"_blank\" rel=\"noreferrer noopener\">Sept. 6 blog post<\/a>, Trusec senior cybersecurity consultant Jakob Nordenlund said his firm\u2019s incident response team observed compromised Microsoft 365 accounts sending Teams chat messages with links to malicious files as part of a phishing campaign with a DarkGate loader as the payload.<\/p>\n<p>Targets were prompted to open a ZIP file purportedly containing a changed staff vacation schedule for their organization. The ZIP file contained a malicious LNK (shortcut) file disguised as a PDF document. If clicked on, it ultimately resulted in DarkGate malware being executed on the target system.<\/p>\n<p>In his post, Nordenlund said the external chat messages were only detected because the recipients had security awareness training.<\/p>\n<p>\u201cUnfortunately, current Microsoft Teams security features such as&nbsp;<a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/safe-attachments-for-spo-odfb-teams-about?view=o365-worldwide\" target=\"_blank\" rel=\"noreferrer noopener\">Safe Attachments<\/a>&nbsp;or&nbsp;<a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/safe-links-about?view=o365-worldwide#safe-links-settings-for-microsoft-teams\" target=\"_blank\" rel=\"noreferrer noopener\">Safe Links<\/a>&nbsp;was not able to detect or block this attack,\u201d he said.<\/p>\n<p>\u201cRight now, the only way to prevent this attack vector within Microsoft Teams is to only allow Microsoft Teams chat requests from <a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoftteams\/trusted-organizations-external-meetings-chat?tabs=organization-settings\" target=\"_blank\" rel=\"noreferrer noopener\">specific external domains<\/a>, albeit it might have business implications since all trusted external domains need to be whitelisted by an IT administrator.\u201d<\/p>\n<p>A similar issue was raised in June by Jumsec researchers who <a href=\"https:\/\/www.scmagazine.com\/news\/microsoft-teams-bug-sidestep-security-malware\" target=\"_blank\" rel=\"noreferrer noopener\">pointed out the potential risk<\/a> of threat actors being able to send Teams messages from one Microsoft \u201ctenancy\u201d (corporate environment) to another. But Microsoft said inter-tenancy Teams messaging was <a href=\"https:\/\/www.scmagazine.com\/news\/microsoft-teamsphisher-nothing-to-see-here\" target=\"_blank\" rel=\"noreferrer noopener\">a feature, not a bug<\/a> and, like Nordenlund, pointed out its customers could block or restrict incoming external messages.<\/p>\n<h2>Touting for business, dark web style<\/h2>\n<p>Last month, <a href=\"https:\/\/0xtoxin.github.io\/threat%20breakdown\/DarkGate-Camapign-Analysis\/\" target=\"_blank\" rel=\"noreferrer noopener\">threat analyst 0xToxin<\/a> and <a href=\"https:\/\/github.security.telekom.com\/2023\/08\/darkgate-loader.html\" target=\"_blank\" rel=\"noreferrer noopener\">Deutsche Telekom Security<\/a> analyst Fabian Marquardt both posted about new email phishing campaign with DarkGate as the payload, while Malwarebytes director of threat intelligence J\u00e9r\u00f4me Segura outlined a DarkGate <a href=\"https:\/\/www.malwarebytes.com\/blog\/threat-intelligence\/2023\/08\/darkgate-reloaded-via-malvertising-campaigns\" target=\"_blank\" rel=\"noreferrer noopener\">malvertising campaign<\/a>.<\/p>\n<p>Two months earlier, ZeroFox circulated a <a href=\"https:\/\/www.zerofox.com\/blog\/the-underground-economist-volume-3-issue-12\/\" target=\"_blank\" rel=\"noreferrer noopener\">dark web forum post<\/a> by a threat actor calling themselves \u201cRastaFarEye\u201d who appeared to be the developer of DarkGate.<\/p>\n<p>The poster said they had spent over 20,000 hours since 2017 developing the malware which they described as \u201cthe ultimate tool for pentesters\/redteamers.\u201d<\/p>\n<p>The threat actor said they were offering DarkGate to a small number of new affiliates and had \u201c4\/10 slots available.\u201d The non-negotiable price to use the malware was $1000 for a day, $15,000 for a month, or $100,000 for a year.<\/p>\n<p>\u201cWe have added the option of buying a package for one day so that you can check the quality of the product and get an impression,\u201d the post read.<\/p>\n<p>While it is possible the recent spike in attacks may be linked to threat actors responding to RastaFarEye\u2019s bid to hire out DarkGate as a ransomware-as-a-service offering, it is not known whether any threat actors have taken up the offer to become affiliates for $100,000 a year asking price.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34996\/Microsoft-Teams-Used-To-Spread-Burgeoning-DarkGate-Malware.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":53629,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10687],"class_list":["post-53628","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermalwaremicrosoftdata-losscryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft Teams Used To Spread Burgeoning DarkGate Malware 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Teams Used To Spread Burgeoning DarkGate Malware 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-11T17:33:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/09\/darkgate-e1694441061201.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft Teams Used To Spread Burgeoning DarkGate Malware\",\"datePublished\":\"2023-09-11T17:33:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/\"},\"wordCount\":548,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware.jpg\",\"keywords\":[\"headline,hacker,malware,microsoft,data loss,cryptography\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/\",\"name\":\"Microsoft Teams Used To Spread Burgeoning DarkGate Malware 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware.jpg\",\"datePublished\":\"2023-09-11T17:33:22+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/09\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware.jpg\",\"width\":1200,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,microsoft,data loss,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwaremicrosoftdata-losscryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Microsoft Teams Used To Spread Burgeoning DarkGate Malware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Teams Used To Spread Burgeoning DarkGate Malware 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Teams Used To Spread Burgeoning DarkGate Malware 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-09-11T17:33:22+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/09\/darkgate-e1694441061201.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft Teams Used To Spread Burgeoning DarkGate Malware","datePublished":"2023-09-11T17:33:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/"},"wordCount":548,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/09\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware.jpg","keywords":["headline,hacker,malware,microsoft,data loss,cryptography"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/","name":"Microsoft Teams Used To Spread Burgeoning DarkGate Malware 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/09\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware.jpg","datePublished":"2023-09-11T17:33:22+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/09\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/09\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware.jpg","width":1200,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-used-to-spread-burgeoning-darkgate-malware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,malware,microsoft,data loss,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermalwaremicrosoftdata-losscryptography\/"},{"@type":"ListItem","position":3,"name":"Microsoft Teams Used To Spread Burgeoning DarkGate Malware"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53628","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=53628"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53628\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/53629"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=53628"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=53628"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=53628"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}