At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Hackers slip into Microsoft Teams chats to distribute malware

    See the source image

    Security researchers warn that some attackers are compromising Microsoft Teams accounts to slip into chats and spread malicious executables to participants in the conversation.

    More than 270 million users are relying on Microsoft Teams every month, many of them trusting the platform implicitly, despite the absence of protections against malicious files.

    Simple but efficient method

    Researchers at Avanan, a Check Point company that secures cloud email and collaboration platforms, found that hackers started to drop malicious executable files in conversations on Microsoft Teams communication platform.

    The attacks started in January, the company says in a report today, and the threat actor inserts in a chat an executable file called “User Centric” to trick the user into running it. Once executed, the malware writes data into the system registry installs DLLs and establishes persistence on the Windows machine.

    The method used to gain access to Teams accounts remains unclear but some possibilities include stealing credentials for email or Microsoft 365 via phishing or compromising a partner organization. Automatic analysis of the malware distributed this way shows that the trojan can establish persistence through Windows Registry Run keys or by creating an entry in the startup folder.

    It also collects detailed information about the operating system and the hardware it runs on, along with the security state of the machine based on the OS version and the patches installed. Although the attack is quite simple, it may also be very efficient because many users trust files received over Teams, Avanan researchers say.

    The company analyzed data from hospitals that use Teams and found that doctors use the platform to share medical information unrestricted. While individuals are typically suspicious of information received over email, due to email phishing awareness training, they exhibit no caution with files received over Teams.

    Moreover, Teams provides guest and external access capabilities that allow collaboration with people outside the company. Avanan says that these invitations are usually met by minimal oversight.

    If you don’t want to be a victim of this style of malware, Security Awareness Training, again, is the answer.

    With thanks to the Cyber Defence Alliance and Bleeping Computer. The full story is here: https://www.bleepingcomputer.com/news/security/hackers-slip-into-microsoft-teams-chats-to-distribute-malware/

    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    Save My Spot!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top