The Bazar loader malware is leveraging worker trust in collaboration tools like Slack and BaseCamp, researchers say. It has recently been seen in use as staging malware for ransomware, particularly Ryuk. In a secondary campaign aimed at consumers, the attackers have added a voice-call element to the attack chain. The BazarLoader downloader, written in C++, has the primary function of downloading and executing additional modules. The malware, which runs only in memory, cannot be detected by an endpoint protection tool's scans.
Source: https://threatpost.com/bazarloader-malware-slack-basecamp/165455/

