Microsoft Teams Targeted With Takeover Trojans

Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.

In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user’s computer, according to a report published Thursday.

Now Microsoft Teams – a business communication and collaboration suite – is emerging as an increasingly popular attack surface for cybercriminals, Fuchs said.

“They can compromise an email address and use that to access Teams. They can steal Microsoft 365 credentials, giving them carte blanche access to Teams and the rest of the Office suite.”

An Avanan analysis of hospitals that use Teams found that doctors share patient medical information practically with no limits on the Teams platform,” Fuchs wrote.

In the attack vector Avanan researchers observed, attackers first access Teams through one of the aforementioned ways, such as a phishing email that spoofs a user, or through a lateral attack on the network.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

Recent News

Featured Services

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

BOOK A MEETING

Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.