Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Microsoft Teams Targeted With Takeover Trojans
#1
Quote:Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.

In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user’s computer, according to a report published Thursday. “Using an executable file, or a file that contains instructions for the system to execute, hackers can install DLL files and allow the program to self-administer and take control over the computer,” cybersecurity researcher and analyst at Avanan Jeremy Fuchs wrote in a report. “By attaching the file to a Teams attack, hackers have found a new way to easily target millions of users.”
Once an attacker gains access to Teams, it’s fairly easy to navigate and slip past any security protections, he noted. This is because “default Teams protections are lacking, as scanning for malicious links and files is limited,” and “many email security solutions do not offer robust protection for Teams,” Fuchs wrote.

Another reason Teams is easy for hackers to compromise is that end users inherently trust the platform, sharing sensitive and even confidential data with abandon while using it, he said. “For example, an Avanan analysis of hospitals that use Teams found that doctors share patient medical information practically with no limits on the Teams platform,” Fuchs wrote. “Medical staff generally know the security rules and risk of sharing information via email, but ignore those when it comes to Teams. In their mind, everything can be sent on Teams.” Further, nearly every Teams user can invite people from other departments or other companies to collaborate via the platform, and there is often “minimal oversight” over these requests because of the trust people have


Source https://threatpost.com/microsoft-teams-t...ns/178497/
Reply
#2
Need to wall off Internet from China and Russia.

(02-20-2022 , 06:06 AM)Mohammad.Poorya Wrote:
Quote:Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.

In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user’s computer, according to a report published Thursday. “Using an executable file, or a file that contains instructions for the system to execute, hackers can install DLL files and allow the program to self-administer and take control over the computer,” cybersecurity researcher and analyst at Avanan Jeremy Fuchs wrote in a report. “By attaching the file to a Teams attack, hackers have found a new way to easily target millions of users.”
Once an attacker gains access to Teams, it’s fairly easy to navigate and slip past any security protections, he noted. This is because “default Teams protections are lacking, as scanning for malicious links and files is limited,” and “many email security solutions do not offer robust protection for Teams,” Fuchs wrote.

Another reason Teams is easy for hackers to compromise is that end users inherently trust the platform, sharing sensitive and even confidential data with abandon while using it, he said. “For example, an Avanan analysis of hospitals that use Teams found that doctors share patient medical information practically with no limits on the Teams platform,” Fuchs wrote. “Medical staff generally know the security rules and risk of sharing information via email, but ignore those when it comes to Teams. In their mind, everything can be sent on Teams.” Further, nearly every Teams user can invite people from other departments or other companies to collaborate via the platform, and there is often “minimal oversight” over these requests because of the trust people have


Source https://threatpost.com/microsoft-teams-t...ns/178497/
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Microsoft's Teams app hit by possible networking glitch tarekma7 0 805 02-17-2021 , 08:10 PM
Last Post: tarekma7
  Microsoft Wants to Make Microsoft Teams Less of a Resource Hog mrtrout 0 890 01-28-2021 , 02:05 AM
Last Post: mrtrout
  Microsoft Shares More Data on Microsoft Teams’ 2020 Growth mrtrout 0 858 01-28-2021 , 02:00 AM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 1 Guest(s)