- Hackers spreading malware through Microsoft Teams.
- Thousands of attacks have been reported.
- Amongst others, several Trojans reported.
With the advent of the COVID-19 pandemic, most employees started to work remotely. For major enterprises already tightly coupled with Microsoft solutions, sticking with the MS Office suite was a no-brainer, so Microsoft Teams secured its place for virtual meetings (also thanks to its predecessor, Skype). Microsoft Teams has been a hit, growing from about 20 million users in November 2019 to 44 million+ in March 2020, then 75 million+ by April, and still increasing day by day. Nearly 270 million users rely on Microsoft Teams every day.
Malware attacks on Microsoft Teams
With increased traction and a growing user base, MS Teams has gained some unwanted attention from the hacking communities as well. Over the last 3 months, thousands of attacks have been reported on MS Teams.
In this attack, hackers are attaching .exe files to Teams chats to install a Trojan on the end-user’s computer. The Trojan is then used to install malware.
- Vector: Microsoft Teams
- Type: Malicious Trojan File
- Techniques: .exe files
- Target: Any end-user
In a report, Avanan said that the threat actor inserts an executable file called “User Centric” into a chat to trick the user into running it. Once executed, the malware writes data into the system registry, installs DLLs, and establishes persistence on the Windows machine.
The method used to gain access to Teams accounts remains unclear, but some possibilities include stealing credentials for email or Microsoft 365 via phishing, or compromising a partner organization.
Automatic analysis of the malware distributed this way shows that the trojan can establish persistence through Windows Registry Run keys or by creating an entry in the startup folder. It also collects detailed information about the operating system and the hardware it runs on, along with the security state of the machine based on the OS version and the patches installed.
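A defender can look for the persistence described above by reviewing autorun entries. The following is an added example, not part of the original article or Avanan's report: it triages entries exported from the Run keys and the Startup folder. The entry format, the folder list, and the sample entries are assumptions constructed for illustration.

```python
import ntpath
import re

# Assumption: user-writable folders where a chat-delivered file usually lands.
SUSPECT_DIRS = ("\\downloads\\", "\\desktop\\", "\\appdata\\local\\temp\\")
EXEC_EXT = (".exe", ".scr", ".bat", ".cmd", ".dll")

def exe_from_command(command):
    """Extract the program path from an autorun command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        path = command[1:end] if end != -1 else command[1:]
    else:
        # Unquoted paths may contain spaces ("User Centric.exe"), so cut at the
        # first executable extension instead of at the first space.
        m = re.match(r"(.+?\.(?:exe|scr|bat|cmd))(?=\s|$)", command, re.I)
        path = m.group(1) if m else command
    return ntpath.normpath(path) if path else ""

def triage(entries):
    """Return (name, program, reason) for autoruns worth a closer look."""
    findings = []
    for source, name, command in entries:
        program = exe_from_command(command)
        if any(d in program.lower() for d in SUSPECT_DIRS):
            reason = "program runs from a user-writable folder"
        elif any(d in command.lower() for d in SUSPECT_DIRS):
            reason = "trusted program loads a file from a user-writable folder"
        elif source == "startup" and program.lower().endswith(EXEC_EXT):
            reason = "executable (not a shortcut) in the Startup folder"
        else:
            continue
        findings.append((name, program, reason))
    return findings

# Constructed sample: entries as exported from Run keys and the Startup folder.
SAMPLE = [
    ("run", "Teams", r'C:\Users\alice\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe"'),
    ("run", "UserCentric", r"C:\Users\alice\Downloads\User Centric.exe /s"),
    ("run", "Helper", r"C:\Windows\System32\rundll32.exe C:\Users\alice\AppData\Local\Temp\uc.dll,Start"),
    ("startup", "Notes.lnk", r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notes.lnk"),
    ("startup", "svc.exe", r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svc.exe"),
]

if __name__ == "__main__":
    for name, program, reason in triage(SAMPLE):
        print(f"{name}: {program} -> {reason}")
```

The first sample entry shows why matching on `AppData` alone is too broad: a legitimate per-user application can autostart from there, so the folder list is kept narrow.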
Recommendation
Although the attack is quite simple, it may also be very efficient because many users trust files received over Teams, Avanan researchers say.
To defend against such attacks, Avanan recommends the following:
- Implement protection that downloads all files in a sandbox and inspects them for malicious content
- Deploy robust, full-suite security that secures all lines of business communication, including Teams
- Encourage end-users to reach out to IT when seeing an unfamiliar file