Some hackers target Microsoft Teams accounts by adding malicious executables to chat and disseminating them to participants in the discussion, according to Avanan researchers. In January 2022, Avanan added, hackers began throwing malicious executable files into Teams talks. Creates shortcut links, writes data to the Windows registry, and instals DLL files. The cyber security firm sees hundreds each month
By faking a user or emailing.exe files to Teams discussions, hackers are attacking Teams. Then, the threat actor adds a Trojan.exe file dubbed “User-Centric” to a chat. This will install DLL files and generate self-administering shortcuts.
What Microsoft Team Researchers Say?
The researchers say it is possible to compromise a partner organization and listen to inter-organizational communications. Threat actors may also exploit an email account to access Teams. In addition, a prior phishing effort or data breach might provide them access to Teams and other Office apps.
Once inside an organization, the experts said an attacker generally understands what technology is protecting it. So they’ll know what malware will evade current defences.
“The default Teams protections are inadequate, as they only scan for malicious links and files. “Many email security solutions do not protect Teams,” says Avanan’s report.
“Hackers who gain access to Teams accounts via East-West attacks or phishing attacks have free rein to attack millions of unsuspecting users.”
More On It!
Because consumers trust the platform implicitly, hackers may easily breach Microsoft Teams. For example, an Avanan examination of Teams-enabled hospitals revealed that clinicians might freely communicate patient medical information on Teams.
“Medical staff are generally aware of the risks with email sharing but ignore them when using Teams. “Invitations from other companies are often sent or received with little oversight,” Avanan said.
“Due to the Teams platform’s unfamiliarity, many will trust and approve requests. For example, a user may easily pretend to be the CEO, CFO, or IT help desk inside an organization.”
Microsoft Teams has grown in popularity since the epidemic began, with 270 million monthly active users in the second quarter of fiscal 2022.
This exploit shows that hackers are starting to grasp and use Teams as a possible attack vector, says Avanan. As Team use grows, the cyber security firm predicts a surge in these types of assaults. The newest attack seems to target US users.
Assuring that all files are downloaded in a sandbox and checked for dangerous material is recommended by Avavan, as is encouraging end-users to contact IT when they encounter an unknown file.
I write as a writer, as someone very familiar with the Internet, as someone who is completely at ease with current technology and the way it is transforming the social fabric of the globe, the business world in particular, and as a former web developer.