Security News > 2022 > February > Attackers use Microsoft Teams as launchpad for malware

Hackers are starting to realize that Microsoft Teams is a great means of spreading tentacles throughout an organization's systems; since the start of the year, Avanan has been seeing hackers increasingly dropping malware in Teams conversation.

To be able to use this avenue of attack, hackers need to take control of a Microsoft Teams account.

Since most professional Microsoft 365 editions include Teams, compromising Microsoft 365 credentials - either via phishing or by buying compromised credentials on the dark web - is the way to go about it.

As Fuchs notes, attackers can compromise a partner organization and listen in on inter-organizational chats, or compromise an email address and use that to access Teams.

Microsoft Teams as the perfect means to spread malware.

An Avanan analysis of hospitals that use Teams found that doctors share patient medical information practically with no limits on the Teams platform. Medical staff generally know the security rules and risk of sharing information via email, but ignore those when it comes to Teams. In their mind, everything can be sent on Teams," Fucks explained.

News URL

https://www.helpnetsecurity.com/2022/02/17/microsoft-teams-malware/