Security News > 2022 > February > Microsoft Teams Targeted With Takeover Trojans
Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.
In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user's computer, according to a report published Thursday.
Now Microsoft Teams - a business communication and collaboration suite - is emerging as an increasingly popular attack surface for cybercriminals, Fuchs said.
"They can compromise an email address and use that to access Teams. They can steal Microsoft 365 credentials, giving them carte blanche access to Teams and the rest of the Office suite."
An Avanan analysis of hospitals that use Teams found that doctors share patient medical information practically with no limits on the Teams platform," Fuchs wrote.
In the attack vector Avanan researchers observed, attackers first access Teams through one of the aforementioned ways, such as a phishing email that spoofs a user, or through a lateral attack on the network.
News URL
https://threatpost.com/microsoft-teams-targeted-takeover-trojans/178497/
Related news
- Ransomware attackers are “vishing” organizations via Microsoft Teams (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish (source)