SYMBOLCOMMON_NAMEaka. SYNONYMS
win.teambot (Back to overview)

TeamBot

aka: FINTEAM

Recently, Check Point researchers spotted a targeted attack against officials within government finance authorities and representatives in several embassies in Europe. The attack, which starts with a malicious attachment disguised as a top secret US document, weaponizes TeamViewer, the popular remote access and desktop sharing software, to gain full control of the infected computer.
This is achieved by sideloading another DLL among the legit TeamViewer.

References

There are currently no references.

There is no Yara-Signature yet.