Security News > 2021 > March > BazarCall malware uses malicious call centers to infect victims
For the past two months, security researchers have been waging an online battle against a new 'BazarCall' malware that uses call centers to distribute some of the most damaging Windows malware.
The new malware was discovered being distributed by call centers in late January and is named BazarCall, or BazaCall, as the threat actors initially used it to install the BazarLoader malware.
Like many malware campaigns, BazarCall starts with a phishing email but from there deviates to a novel distribution method - using phone call centers to distribute malicious Excel documents that install malware.
These call centers would then direct users to a specially crafted website to download a "Cancellation form" that installs the BazarCall malware.
The call center agent will then help the victim open the file and clicking on the 'Enable Content' button to enable malicious macros.
Security researcher Brad Duncan has shared a video illustrating a call into the threat actor's call center and its distribution of malicious documents to unsuspecting victims.