Home/News/New Helix Group Targets SharePoint Data Via Vishing
BleepingComputer2 min read

By Interestana AI Editorial — AI-drafted, human-overseen. How we report

New Helix Group Targets SharePoint Data Via Vishing

A novel cybercriminal collective identified as Helix has begun targeting organizations by exploiting vulnerabilities within Microsoft SharePoint environments. This group employs a sophisticated array of identity-focused tactics to gain unauthorized access and exfiltrate sensitive data. Their methodology includes voice phishing (vishing), a technique that leverages social engineering over the phone to trick individuals into revealing credentials or sensitive information. Additionally, Helix utilizes device code phishing, which often involves tricking users into entering legitimate authentication codes into malicious websites or applications, thereby bypassing multi-factor authentication (MFA) protections.

The primary objective of the Helix group appears to be data extortion. By successfully breaching SharePoint, a widely used platform for document management and collaboration, they gain access to potentially vast amounts of corporate data. This data can then be held for ransom, with the threat of public release if payment is not made. The group's reliance on compromising user identities and authentication mechanisms highlights a growing trend in cyberattacks that move beyond traditional network intrusion methods.

Security researchers have observed Helix actively engaging in these attacks, indicating a persistent and evolving threat. The group's operational focus on SharePoint suggests a strategic targeting of cloud-based collaboration tools, which have become central to modern business operations. The effectiveness of their vishing and MFA abuse tactics underscores the ongoing challenges organizations face in securing their digital perimeters against sophisticated social engineering and credential compromise schemes. The emergence of Helix adds another layer of complexity to the threat landscape, particularly for businesses heavily reliant on Microsoft's cloud services.

Original source — read the full reporting at the publisher:

Read on BleepingComputer

Get the weekly AI digest

AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.

Read next