Microsoft Teams is a popular collaboration app used by several organizations. The app claims to have 270 million monthly active users. So, cybercriminals are now targeting Teams users with takeover Trojans.
Researchers at Avanan, a Check Point Company, found that cybercriminals are planting malicious executable files in chat threads. On clicking, these files execute a Trojan that can take over the system. Avanan has observed thousands of these attacks per month.
This attack begins with accessing Teams. Hackers can compromise a partner organization or compromise an email address and use that to access Teams. Once they have access to Teams, they can now plant the Trojan in a conversation. Teams is used by organizations for communication with teammates, most users won’t think twice and will click on the attachment.
In some of the attacks, hackers are hacking into Teams by sending an email with a malicious file as an attachment. This attachment is also a Trojan that can take over the system.
To safeguard against these attacks, security researchers recommend implementing protection that downloads all files in a sandbox. Organizations should also encourage users to reach out to IT when seeing an unfamiliar file in an email or Teams conversation. Organizations should also deploy full-suite security to protect business communication.
Also see: Microsoft Teams Keyboard Shortcuts for Windows and macOS
