Security News > 2022 > February > Hackers slip into Microsoft Teams chats to distribute malware
Security researchers warn that some attackers are compromising Microsoft Teams accounts to slip into chats and spread malicious executables to participants in the conversation.
More than 270 million users are relying on Microsoft Teams every month, many of them trusting the platform implicitly, despite the absence of protections against malicious files.
Researchers at Avanan, a Check Point company that secures cloud email and collaboration platforms, found that hackers started to drop malicious executable files in conversations on Microsoft Teams communication platform.
"In this Teams attack, hackers have attached a malicious Trojan document to a chat thread. When clicked on, the file will eventually take over the user's computer" - Avanan.
The method used to gain access to Teams accounts remains unclear but some possibilities include stealing credentials for email or Microsoft 365 via phishing or compromising a partner organization.
The researchers say that the issue is aggravated by "The fact that default Teams protections are lacking, as scanning for malicious links and files is limited" and "Many email security solutions do not offer robust protection for Teams."
News URL
Related news
- Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware (source)
- Microsoft dangles $10K for hackers to hijack LLM email service (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign (source)
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
- Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer (source)
- Ransomware attackers are “vishing” organizations via Microsoft Teams (source)