Crims abusing Microsoft Quick Assist to deploy Black Basta ransomware A cybercrime gang has been abusing Microsoft's Quick Assist application in social engineering attacks that ultimately allow the crew to infect victims with Black Basta ransomware. This, according to Redmond, which said the campaign has been ongoing since mid-April, and blamed a financially motivated group it tracks as Storm- …
... I was not aware Quick Assist was on my computer, installed by default. It never even occurred to me to have to check if I had remote access software on my computer.
That's such an awful idea security-wise, why would they do that?
That's yet another thing to add to "the list" to do to a new Windows install, next to disabling forced automatic updates, ads and copilot.
More of Microsoft's "you're too stupid to own a computer, so let us manage it all for you" mantra.
To be fair, they've had "remote assistance" installed and enabled by default since at least XP (it's on the same settings tab as remote access), but the newer version is far easier to exploit and far harder to track down to disable/remove - and I'm sure that each and every update will re-enable/re-install it, just like they do with OneDrive, Teams and XBox crap.
Take a look at MeshCentral. Open Source and you host it yourself, with obvious security benefits. It is properly cross platform too.
Its main developer used to work for Intel but was laid off and was snapped up by Microsoft. Development is continuing apace.
I use it a lot. It works well. Security-wise, I find it just as good or better than "go to this website and download this executable". At least the user have to actively launch the application, enter a code, and click accept to allow the remote user to connect. Some other systems allow full remote control after two mouse clicks by the user.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
