Microsoft

Signed malware impersonating workplace apps deploys RMM backdoors

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

Microsoft warns of new signed malware which deploys remote monitoring tools as backdoors

TrustConnect is back, this time used to deploy legitimate but weaponized RMM solutions.
Redmondmag.com

Signed Malware Impersonating Workplace Apps Used To Deploy RMM Backdoors

Microsoft's Defender Security Research Team has identified a series of phishing campaigns in which an unknown attacker used digitally signed malware masked as common workplace applications to deploy ...