Security News > 2023 > July > New tool exploits Microsoft Teams bug to send malware to users

A member of U.S. Navy's red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for incoming files from users outside of a targeted organization, the so-called external tenants.
The tool exploits a problem highlighted last month by Max Corbridge and Tom Ellson of UK-based security services company Jumpsec, who explained how an attacker could easily go around Microsoft Teams' file-sending restraints to deliver malware from an external account.
"Give TeamsPhisher an attachment, a message, and a list of target Teams users. It will upload the attachment to the sender's Sharepoint, and then iterate through the list of targets," reads the description from Alex Reid, the developer of the red team utility.
TeamsPhisher requires users to have a Microsoft Business account with a valid Teams and Sharepoint license, which is common for many major companies.
Microsoft Teams bug allows malware delivery from external accounts.
Microsoft 365 phishing attacks use encrypted RPMSG messages.
News URL
Related news
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- Microsoft says attackers use exposed ASP.NET keys to deploy malware (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects (source)
- If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)