Security researchers have found thousands of cyberattacks involving the misuse of the Microsoft Teams chat tool. Microsoft Teams is a workspace communication and networking platform that enables organisations to interact via video conferencing, save files, initiate conversations, and link applications simultaneously. The platform has proven to be a precious and productive communication channel, particularly now that the world is being held hostage by the COVID-19 pandemic. As of January 20, 2022, it had 270 million monthly active users. While this is helpful for the firm, it also makes Teams users an attractive target for hackers. They join chat rooms and distribute harmful executables to participants.

IT cybersecurity experts made the newest discovery at Avanan, a cloud email security consulting firm and a unit of Check Point Software Technologies, who discovered a malware attack attempt against Teams members by abusing and sliding into the platform’s messenger feature. As per the experts, attackers attach malicious files to chat threads that, when clicked, install a trojan on the victim’s device, enabling the attackers to manage the device remotely. They further claimed that the company had experienced thousands of such cyberattacks every month since January 2022, in which malware files are disseminated over Teams’ chats.

When the virus is executed, it writes data into the system registry, installs DLLs, and establishes persistence on the Windows PC. The method utilised to access Teams accounts is unknown, but some alternatives include phishing for email or Microsoft 365 accessor compromising a partner organisation.

According to the researchers, the problem is exacerbated by default Teams’ defences being inadequate, as scanning for dangerous links and files is restricted, and many email security mechanisms do not provide adequate security for Teams.

To get the latest updates on various cyber-related events & other things, you can join our Whatsapp group / Telegram Channel.

-Adv. Sabrina Bath

(Content Writer, WCSF)

error: Content is protected !!
Share This