Security News > 2023 > July > Malware delivery to Microsoft Teams users made easy

A tool that automates the delivery of malware from external attackers to target employees' Microsoft Teams inbox has been released.

TeamsPhisher is a Python-based tool created by US Navy read teamer Alex Reid that allows attackers to deliver attachments to Microsoft Teams users.

TeamsPhisher incorporates Corbridge's and Ellson's technique for manipulating Teams web requests, earlier techniques disclosed by read teamer Andrea Santese, and uses the TeamsEnum Python script to find existing Microsoft Teams users.

"TeamsPhisher requires that users have a Microsoft Business account with a valid Teams and Sharepoint license. This means you will need an AAD tenant and at least one user with a corresponding license. At the time of publication, there are some free trial licenses available in the AAD license center that fulfill the requirements for this tool," Reid explained.

Using the tool is easy: the read teamer / attacker provides the malicious attachment, a message, and a list of target Teams users.

Reid pointed out that organizations can mitigate the risk posed by this vulnerability by managing the options related to external access via the Microsoft Teams admin center.

News URL

https://www.helpnetsecurity.com/2023/07/10/microsoft-teams-malware-delivery/