Hackers caught dropping malware into Microsoft Teams chats
The self-administering files can take complete control of a user's system after a single click
Microsoft Teams users have been told to be on alert after hackers were spotted slipping malicious .exe executable files into conversations on the app.
The files in question are capable of self-administration and can write data to the Windows registry, install DLL programs, and create shortcut links, according to Check Point firm Avanan.
Once clicked, the file automatically takes control of the user’s computer.
Avanan cyber security researcher and analyst Jeremy Fuchs said hackers “can steal Microsoft 365 credentials from a previous phishing campaign, giving them carte blanche access to Teams and the rest of the Office suite”.
After gaining access to Teams, circumventing any existing security measures is remarkably easy, Fuchs noted. Teams' default protections are lacking, with limited scans for malicious files and links. Most email security solutions do not provide robust protection for Teams, adding to the problem.
Teams is particularly vulnerable given that end users implicitly and freely share sensitive information through the service.
“Medical staff generally know the security rules and risk of sharing information via email, but ignore those when it comes to Teams. Further, nearly every user can invite people from other departments and there is often minimal oversight when invitations are sent or received from other companies,” explained Fuchs.
Several steps can be taken to mitigate the attack potential: installing a sandbox that downloads and inspects all files for malicious content; implementing multiple layers of security across all forms of communication, including Teams; and encouraging end users to flag suspicious files.