Malware delivery to Microsoft Teams users made easy

A tool that automates the delivery of malware from external attackers to target employees' Microsoft Teams inbox has been released.
TeamsPhisher is a Python-based tool created by US Navy red teamer Alex Reid that allows attackers to deliver attachments to Microsoft Teams users.
TeamsPhisher incorporates Corbridge's and Ellson's technique for manipulating Teams web requests, earlier techniques disclosed by red teamer Andrea Santese, and uses the TeamsEnum Python script to find existing Microsoft Teams users.
"TeamsPhisher requires that users have a Microsoft Business account with a valid Teams and Sharepoint license. This means you will need an AAD tenant and at least one user with a corresponding license. At the time of publication, there are some free trial licenses available in the AAD license center that fulfill the requirements for this tool," Reid explained.
Using the tool is easy: the red teamer / attacker provides the malicious attachment, a message, and a list of target Teams users.
Reid pointed out that organizations can mitigate the risk posed by this vulnerability by managing the options related to external access via the Microsoft Teams admin center.
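The same external access options can be reviewed and restricted from PowerShell instead of the admin center. The script below is an added example, not taken from the article or from Reid; it assumes the MicrosoftTeams PowerShell module and a Teams administrator account, and the partner domain is a constructed placeholder.

```powershell
# Added example: audit and tighten Teams external access.
# Assumptions: MicrosoftTeams module installed, caller is a Teams administrator.
#Requires -Modules MicrosoftTeams
param(
    # Constructed placeholder; list only the external domains you must chat with.
    # Pass an empty array to turn external access off entirely.
    [string[]]$PartnerDomains = @('partner.example'),
    # Without -Apply the script only reports the current settings.
    [switch]$Apply
)

Connect-MicrosoftTeams | Out-Null
$cfg = Get-CsTenantFederationConfiguration

# Settings that decide whether accounts outside the tenant can message users.
$cfg | Select-Object AllowFederatedUsers, AllowedDomains, BlockedDomains,
                     AllowTeamsConsumer, AllowTeamsConsumerInbound | Format-List

if (-not $cfg.AllowFederatedUsers) {
    Write-Output 'External access with other organizations is already disabled.'
}

if (-not $Apply) {
    Write-Output 'Report only. Re-run with -Apply to change the tenant settings.'
    return
}

if ($PartnerDomains.Count -eq 0) {
    # No business need for external chat: switch federation off.
    Set-CsTenantFederationConfiguration -AllowFederatedUsers $false
} else {
    # Replace "any external domain" with an explicit allow-list.
    $list = New-Object 'System.Collections.Generic.List[string]'
    $PartnerDomains | ForEach-Object { $list.Add($_) }
    Set-CsTenantFederationConfiguration -AllowFederatedUsers $true -AllowedDomainsAsAList $list
}

# Stop unmanaged (personal) Teams accounts from starting conversations.
Set-CsTenantFederationConfiguration -AllowTeamsConsumerInbound $false

# Show the resulting configuration for the change record.
Get-CsTenantFederationConfiguration |
    Select-Object AllowFederatedUsers, AllowedDomains, AllowTeamsConsumerInbound | Format-List
```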
News URL
https://www.helpnetsecurity.com/2023/07/10/microsoft-teams-malware-delivery/