December 9, 2023

Hackers have infiltrating Microsoft Teams meetings with the goal of circulating malware to unsuspecting users. 

Its been noted that the attacks, involves hackers dropping malicious executable files on Microsoft Teams through in-session chats as per the published report by Avanon.

Advertisements

The hackers are likely infiltrating Microsoft Teams after first compromising an email account belonging to an employee. The email account can then be used to access Teams meetings at their company. 

Hackers could also be stealing login credentials for Microsoft 365 which bundles Microsoft Teams through email phishing campaigns. Hackers are quite adept at compromising Microsoft 365 accounts using traditional email phishing methods, they’ve learned that the same credentials work for Teams.

Hackers will drop a malicious executable file that pretends to be a legitimate program called “User Centric.” If a user installs it, the Trojan program will drop malicious DLL files on the PC, which can allow the hacker to remotely hijack the system.  By this their exist a possibility of affecting millions of devices.

Advertisements

Microsoft didn’t immediately respond to a request for comment. A support document says Microsoft Teams does have a built-in antivirus  detection through Microsoft 365, the scanning was still limited, and slow to identify attacks in real-time.  

As Teams usage continues to increase, Avanan expects a significant increase in these sorts of attacks. Microsoft itself recently reported the Teams product now has over 270 million monthly active users. 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d