During tax season, threat actors exploit the urgency and familiarity of time-sensitive emails like refund notices, filing reminders, and requests from tax professionals to push malicious attachments, QR codes, and multi-step link chains. Microsoft Threat Intelligence has observed campaigns themed around W-2 and other tax documents that impersonate government agencies, tax services firms, and financial institutions. These campaigns aim to steal personal and financial data, harvest credentials through phishing-as-a-service (PhaaS) platforms, or deliver malware. Many campaigns target individuals but others specifically target accountants and other professionals who handle sensitive documents, have access to financial data, and are accustomed to receiving tax-related emails during this period. Our latest blog has details from our analysis of several campaigns leveraging the tax season for social engineering, as well as Microsoft Defender protection, detection, and hunting guidance: https://msft.it/6046QUflq
Microsoft Threat Intelligence
Computer and Network Security
Redmond, Washington · 109,562 followers
We are Microsoft's global network of security experts. Follow for security research and threat intelligence.
About us
The Microsoft Threat Intelligence community is made up of more than 10,000 world-class experts, security researchers, analysts, and threat hunters analyzing 78 trillion signals daily to discover threats and deliver timely and hyper-relevant insight to protect customers. Our research covers a broad spectrum of threats, including threat actors and the infrastructure that enables them, as well as the tools and techniques they use in their attacks.
- Website: https://aka.ms/threatintelblog
- Industry: Computer and Network Security
- Company size: 10,001+ employees
- Headquarters: Redmond, Washington
- Specialties: Computer & network security, Information technology & services, Cybersecurity, Threat intelligence, Threat protection, and Security
Updates
Microsoft Defender Experts is sharing an investigation into the sophisticated social engineering operation known as Contagious Interview, which targets software developers and continues to be prevalent. https://msft.it/6042QmHbg Threat actors target developers to attempt to compromise developer endpoints with access to source code, CI/CD pipelines, and production infrastructure. They pose as recruiters from cryptocurrency trading firms or AI-based solution providers and achieve initial access through a convincingly staged recruitment process that mirrors legitimate interviews but leads to a backdoor. The modular backdoor then enables theft of sensitive information like API tokens, cloud credentials, signing keys, cryptocurrency wallets, and password manager artifacts, and also leads to follow-on malicious activity and other payloads. Organizations can defend against this threat by monitoring developer endpoints and build tools, and by hunting for suspicious repository activity and dependency execution patterns. Read the latest Microsoft Defender Experts blog to get the full attack chain analysis, as well as protection, detection, and hunting guidance:
The cybercriminal threat actor tracked by Microsoft Threat Intelligence as Storm-2561 is running an SEO-poisoning campaign that redirects people searching for enterprise VPN software to spoofed sites and malicious ZIP downloads leading to credential theft. https://msft.it/6045QlyZF The ZIP file contains a malicious, digitally signed installer that masquerades as a trusted VPN client. The attack chain ultimately loads a variant of Hyrax infostealer that captures VPN sign-in credentials and configuration data, and exfiltrates it to attacker infrastructure. Read the full Microsoft Defender Experts analysis of the tactics, techniques, and procedures (TTPs) and indicators of compromise of this Storm-2561 campaign, and get protection, detection, and hunting guidance:
Threat actors are rapidly integrating AI as a core component of their tradecraft, using it across the attack lifecycle to move faster, scale more easily, and experiment with new tactics at unprecedented speed. https://msft.it/6048QYVBo AI is being used to operationalize reconnaissance, social engineering, malware development, and infrastructure setup, enabling actors to quickly test ideas, abandon what fails, and expand what works. This shift is especially visible among North Korean threat actors, where AI lowers the barrier to entry and enables less sophisticated operators to demonstrate greater agility. Actors affiliated with Democratic People's Republic of Korea (DPRK) activity have been observed using AI to generate end-to-end malware and refresh tooling in ways that remove traditional indicators used for attribution. AI-assisted social engineering has also reduced telltale language errors, making phishing and impersonation campaigns more convincing. At scale, AI enables threat actors to create believable online personas and sustain long-running operations without previous growth bottlenecks. Learn how defenders must think about detection and response from Greg Schloemer and Vlad H. on this episode of the Microsoft Threat Intelligence Podcast, hosted by Sherrod DeGrippo. For more information on how threat actors are operationalizing AI, read: https://msft.it/6040QYVBq
Microsoft Threat Intelligence reposted this
What are you using AI for in your daily life? Let's talk about what threat actors are doing in theirs. Our threat intelligence tells us how AI is changing the economics of threat and what defenders should pay attention to. Threat actors don’t need AI to invent new attacks. What AI is doing instead is collapsing the economics of threat. This is what we've always talked about... imposing cost. AI is helping threat actors reduce cost and think in terms of behavioral economics. Tasks that once required specialized expertise or larger teams can now be done faster, cheaper, and at scale. Attackers are using AI to draft phishing lures, translate content, summarize stolen data, debug malware, and assemble scripts. For less experienced actors, it lowers the barrier to entry. For experienced operators, it enables larger campaigns with fewer people. We see this clearly in real operations. In Jasper Sleet activity, North Korean actors used AI to sustain fraudulent identities for months, posing as remote IT workers to gain access inside organizations. But AI also strengthens defenders. Microsoft Threat Intelligence used advanced signals to identify and disrupt thousands of these fraudulent accounts and worked with partners to limit further misuse. The question I hear most often is whether threat actors are actually using AI or if this is hype. The answer is simple: they are. The real question is where AI shows up in attacker workflows and what that means for defense. In our latest research, “AI as tradecraft: How threat actors operationalize AI,” we show how AI appears across the attack lifecycle—from reconnaissance and resource development to weaponization and post-compromise activity. This shifts the defensive focus from what tool attackers use to which stage of the operation defenders need to disrupt. Read the full report here: https://lnkd.in/efZQPNsT
The March 2026 security updates are available:
Security updates for March 2026 are now available. Details are here: https://msft.it/6018SZEg0 #PatchTuesday
Addressing agent sprawl, identity misuse, data exposure, and emerging AI‑specific threats is becoming a foundational security challenge for organizations adopting AI at scale. https://msft.it/6042Qi7Qy As agentic AI rapidly expands across enterprises, visibility gaps, unmanaged identities, and excessive privileges increase the risk of agents being abused, compromised, or weaponized by malicious actors—turning trusted automation into potential attack paths. To confront these risks, Microsoft introduces Agent 365 and Microsoft 365 E7, bringing observability, identity governance, information protection, and threat detection to AI agents across the enterprise. By treating agents as identity‑aware, auditable entities and extending Microsoft Defender, Entra, and Purview protections to agent behavior, organizations can better detect abuse, prevent data leakage, and defend against agent‑based attack chains as AI becomes embedded in everyday operations. Microsoft Threat Intelligence has observed threat actors increasingly operationalizing AI as tradecraft to accelerate reconnaissance, social engineering, and malware development. Against this backdrop, securing agentic AI is a defensive imperative as attackers and defenders adapt to the same technologies. Learn more: https://msft.it/6043Qi7QJ
Threat actors are operationalizing AI across the cyberattack lifecycle to accelerate tradecraft, reduce technical friction, and sustain malicious operations at scale. Microsoft has observed threat actors embedding generative AI into workflows for reconnaissance, social engineering, malware and infrastructure development, and post‑compromise activity—while retaining human control over objectives and targeting. https://msft.it/6048Qgt9M Observed activity includes large‑scale identity fabrication and long‑term access misuse by North Korean threat actors such as Jasper Sleet and Coral Sleet, AI‑assisted phishing and impersonation, rapid infrastructure creation, and malware development accelerated through AI‑enabled coding and debugging. Microsoft has also observed threat actors actively bypassing AI safety controls through jailbreaking techniques, as well as early experimentation with agentic AI and AI‑enabled malware that could complicate detection and response over time. While many techniques mirror existing tradecraft, AI increases speed, scale, and persistence, amplifying risk for defenders even when behaviors are not fundamentally new. At the same time, these trends surface new detection opportunities and reinforce the importance of treating long‑term access misuse as an insider‑risk scenario, hardening identity and phishing defenses, and securing AI systems themselves. Learn more about how threat actors are operationalizing AI and get detection and mitigation guidance from this Microsoft Threat Intelligence blog post.
Microsoft Defender Experts identified a widespread ClickFix social engineering campaign in February 2026 leveraging Windows Terminal as the primary execution mechanism. Rather than the traditional Win + R → paste → execute technique, this campaign instructs targets to use the Windows + X → I shortcut to launch Windows Terminal (wt.exe) directly, guiding users into a privileged command execution environment that blends into legitimate administrative workflows and appears more trustworthy to users. This approach bypasses detections specifically tuned to Run dialog abuse while exploiting the legitimacy and familiarity of Windows Terminal. Once the terminal is opened, targets are prompted to paste malicious PowerShell commands delivered through fake CAPTCHA pages, troubleshooting prompts, or verification-style lures designed to appear routine and benign. What makes this campaign notable are the post-compromise outcomes. The first attack path begins when a user pastes a hex-encoded, XOR-compressed command copied from the ClickFix lure into a Windows Terminal session. This action spawns additional Windows Terminal/PowerShell instances, ultimately launching another powershell.exe process responsible for decoding the embedded hex commands. The decoded PowerShell script downloads a legitimate but renamed 7-Zip binary and saves it with a randomized file name, along with a ZIP payload. The renamed archive utility extracts and executes a multi-stage attack chain that includes retrieval of additional payloads, persistence through scheduled tasks, defense evasion through Microsoft Defender exclusions, and exfiltration of stolen machine and network data. The final-stage payload, deployed to C:\ProgramData\app_config\ctjb, is found to be a Lumma Stealer component that performs QueueUserAPC()-based code injection into chrome.exe and msedge.exe processes. The stealer targets high-value browser artifacts, including Web Data and Login Data, harvesting stored credentials and exfiltrating them to attacker-controlled infrastructure. The second attack path begins when a user pastes a hex-encoded, XOR-compressed command into Windows Terminal. This command downloads a randomly named .bat file to AppData\Local that is invoked through cmd.exe to write a VBScript to %Temp%. The batch script is then executed via cmd.exe with the /launched command-line argument. The same batch script is then executed through MSBuild.exe, resulting in LOLBin abuse. The script connects to Crypto Blockchain RPC endpoints, indicating the EtherHiding technique. It also performs QueueUserAPC()-based code injection into chrome.exe and msedge.exe processes to harvest Web Data and Login Data. Microsoft Defender detects multiple threat components associated with this activity. For more information on defending against ClickFix activity: https://msft.it/6045QgrSf.
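Detection logic for the two attack paths described in the post above, written as an added example (not Microsoft's code or the blog's hunting queries). It assumes a simplified process-creation record with invented field names and runs over constructed sample events; the hex string and file names are placeholders.

```python
# Detection logic for the Windows Terminal ClickFix chain described above. Added example,
# not Microsoft's code; assumes a simplified process-creation record with invented field names.
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

@dataclass
class ProcEvent:
    parent: str    # parent process image name, e.g. "wt.exe"
    image: str     # full path of the child process image
    cmdline: str   # full command line of the child

HEX_BLOB = re.compile(r"\b[0-9A-Fa-f]{64,}\b")   # long hex-only token, as pasted from the lure
SHELLS = {"powershell.exe", "pwsh.exe"}

def classify(ev: ProcEvent) -> list[str]:
    """Return the names of the rules that fire for one event (empty list = nothing fired)."""
    hits, low = [], ev.cmdline.lower()
    parent, image = ev.parent.lower(), PureWindowsPath(ev.image).name.lower()
    # Both paths start with PowerShell under Windows Terminal carrying a long hex string.
    if parent == "wt.exe" and image in SHELLS and HEX_BLOB.search(ev.cmdline):
        hits.append("wt_powershell_hex_payload")
    # Path 1: final-stage payload executing from the C:\ProgramData\app_config directory.
    if "\\programdata\\app_config\\" in ev.image.lower():
        hits.append("programdata_app_config_exec")
    # Path 2: cmd.exe running a randomly named .bat from AppData\Local with /launched.
    if image == "cmd.exe" and re.search(r"appdata\\local\\[^\s\"]+\.bat", low) and "/launched" in low:
        hits.append("cmd_appdata_bat_launched")
    # Path 2: MSBuild.exe handed a .bat file instead of a project (LOLBin abuse).
    if image == "msbuild.exe" and re.search(r"\.bat(\s|\"|$)", low):
        hits.append("msbuild_bat_lolbin")
    return hits

# Constructed sample events (not real telemetry); the hex string and file names are placeholders.
SAMPLE_EVENTS = [
    ProcEvent("wt.exe", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
              "powershell.exe -c " + "4a" * 40),
    ProcEvent("powershell.exe", r"C:\Windows\System32\cmd.exe",
              r'cmd.exe /c "C:\Users\u\AppData\Local\k3j9x.bat" /launched'),
    ProcEvent("cmd.exe", r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
              r"MSBuild.exe C:\Users\u\AppData\Local\k3j9x.bat"),
    ProcEvent("wt.exe", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
              "powershell.exe -c Get-ChildItem"),   # benign: no hex blob
]

def scan(events=SAMPLE_EVENTS) -> dict[str, list[str]]:
    """Map each event's command line to the rules it triggered, keeping only events with hits."""
    return {ev.cmdline: hits for ev in events if (hits := classify(ev))}
```

The rules key on parent/child relationships and command-line shape rather than on the renamed 7-Zip binary, since a randomized file name defeats image-name matching.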
Microsoft, Europol, and industry partners announced a coordinated action to disrupt Tycoon 2FA, the service responsible for tens of millions of phishing emails reaching over 500,000 organizations each month worldwide. Read this Microsoft Threat Intelligence blog: https://msft.it/6042Q5RN0
- Learn how Tycoon2FA operated at scale and what security teams can do to detect and disrupt it
- Understand Tycoon2FA’s infrastructure and tradecraft, and the controls that can help limit its impact
- Get resources for detecting, hunting for, and defending against adversary-in-the-middle phishing threats
Today, we’re sharing how we at Microsoft, working alongside Europol and industry partners, disrupted Tycoon 2FA, one of the largest cybercriminal services powering initial access and online impersonation fraud – responsible for tens of millions of phishing emails targeting over 500,000 organizations worldwide each month. Tycoon 2FA enabled attackers to bypass additional security protections and access accounts as legitimate users, putting schools, hospitals, nonprofits, and public institutions at risk of fraud, data theft, and ransomware attacks. Acting under a U.S. court order and in coordination with Europol’s Cyber Intelligence Extension Programme (CIEP), Microsoft's Digital Crimes Unit, powered by Microsoft Threat Intelligence, seized 330 domains supporting the operation’s infrastructure: cutting off a key pipeline used to scale identity-based attacks. This disruption demonstrates what’s possible when public and private partners coordinate intelligence and take action together. Cybercrime operates across borders, and effective defense requires the same level of global collaboration. Learn how coordinated global action is helping disrupt the cybercrime ecosystem: https://lnkd.in/ga9p9SmF Tremendous teamwork by Cloudflare, Coinbase, Crowell & Moring, eSentire, Health-ISAC, Intel 471, Proofpoint, Resecurity, The Shadowserver Foundation, SpyCloud, TrendAI, as well as Guardia Civil (Spain), Policia Nacional (Spain), National Crime Agency (NCA) (UK), Policia Judiciaria (Portugal), Policija Peleks (Latvia), policija zils (Lithuania), CBZC (Poland), and others... Adding deeper dive in The Wall Street Journal by Angus Loten: https://lnkd.in/gfKrBuXM