A critical cybersecurity alert discloses a coordinated Microsoft Teams vishing attack targeting corporate organizations, particularly in the legal sector. The attack employs a combination of email harassment and voice phishing to trick employees into downloading a Java-based backdoor dubbed Nimbus RAT. The vishing kill chain begins with overwhelming the target's inbox with junk emails, leading to the execution of malicious software in less than 20 minutes.
Nimbus RAT uses Google Drive for covert command-and-control operations and has connections to organized cybercrime groups. Post-compromise, attackers utilize additional tools like InboxSetupPro to exfiltrate sensitive data, including private communication records. Overall, there is a noted surge in similar attack events across various sectors, prompting recommendations for stricter access controls and enhanced user education to thwart these threats.