BazarCall threat creates new cyber-attack vector

There are new warnings around an emerging ransomware threat which has become widespread in the past three months.

CFC, a specialist cyber insurance provider CFC, has warned brokers and clients of the latest method of ransomware attack – dubbed ‘BazarCall’ – which is targeting small businesses.

According to underwriter’s in-house cyber threat analysis team – the ‘BazarCall’ attack method has been growing in use among well-known ransomware groups and is responsible for an increasing number of malware infections observed by CFC over the past three months.

Uniquely, the BazarCall method subverts common cyber security controls by utilising a phishing email that tricks the victim into phoning a call centre – rather than clicking a link – and instructing them to download malicious software and infect their own computers. From there, the hackers can carry out their ransomware attacks undetected.

“Making the victim do all the heavy lifting is a notable shift from the more traditional hacking attack vectors” said Tom Bennett, CFC’s cyber threat analysis team leader. “Unfortunately most workplace education around phishing emails doesn’t warn about this type of social engineering, so it represents a significant new threat.”

According to Bennett, BazarCall accounted for nearly 10% of the malware incidents CFC has detected across its own portfolio over the last three months, but to date the company has been able to prevent cyber claims stemming from these infections.

“To date we have detected and removed every case of this malware within our impacted customers, at no cost to them,” continued Bennett. “But we must all remain vigilant – cyber criminals are motivated, well-funded and well-organized. And they are constantly revising their attacks. That’s why we’ve built our dedicated cyber security team to help our customers protect themselves and prevent incidents before they happen.”