Teams Malware

Thanks mainly to the COVID pandemic, Microsoft Teams has seen a rapid rise in people logging in each day with it now boasting over 270 million monthly active users globally.

Microsoft Teams is the newest target for hackers as ‘malicious executable files’ are being dropped under the disguise that they might just be coming from a co-worker.

Hackers have been identified attempting to infiltrate Microsoft Teams meetings with the main goal of “circulating malware to unsuspecting users.”

The attacks were reportedly noticed as early as January this year by an email security provider, which saw malicious executable files being dropped by hackers during in-session Microsoft Teams chats.

Thousands of these types of attacks have now been seen per month. In addition, for hackers to do this, they are most likely using a compromised email belonging to an employee.

With the compromised email, the hackers can access Microsoft Teams meetings within their company. With that, Microsoft 365 credentials can also be stolen.

Once the hackers can infiltrate the meeting, they will then casually drop a file pretending that it is part of a legitimate program known as “User Centric,” and once users click install, their unit will then be infected by a Trojan program dropping “malicious DLL files” which ultimately gives remote hijacking access to the hacker.

If you use Teams then be aware and don’t download any files unless you are certain that they have been sent by a trusted source. In addition, use the Lobby feature to avoid external users crashing meetings, enable private channels within a team, create security groups and configure access settings.

If you need advice or assistance, please contact us at security@valkyrie.co.uk or telephone us at 02074 999 323.

Valkyrie Updates

News

Stay informed with the latest insights, expertise and innovations in the world of security with Valkyrie’s news, reports and white papers