Hackers Are Targeting Microsoft Teams Chats

Users are more trusting with Teams than email, cybersecurity firm says

Ben Wodecki, Junior Editor - AI Business

February 23, 2022

2 Min Read
Hand typing on keyboard
Getty Images

Hackers are distributing malware to unsuspecting users of Microsoft’s Teams platform.

The bad actors were found to be placing malicious .exe files on Teams chats, dubbed ‘User Centric.’ If installed, a Trojan program places DLL files on the user’s PC, allowing hackers to remotely take control of the system.

Microsoft is aware of the issue but has yet to comment on it.

Cybersecurity firm Avanan first spotted the attacks in January – suggesting “thousands” have occurred.

“By attaching the file to a Teams attack, hackers have found a new way to easily target millions of users,” the company said. MS Teams has 270 million monthly active users, according to Microsoft.

The bad actors gain access to Teams chats by compromising partner organizations and listening in on inter-organizational chats, according to Avanan.

“They can steal Microsoft 365 credentials from a previous phishing campaign, giving them carte blanche access to Teams and the rest of the Office suite.

“Given that hackers are quite adept at compromising Microsoft 365 accounts using traditional email phishing methods, they’ve learned that the same credentials work for Teams.”

The New York-based firm said users are more trusting when using Teams compared with email.

“Most employees have been trained to second-guess identities in email, but few know how to make sure that the name and photo they see in a Teams conversation are real,” Avanan said.

“This attack demonstrates that hackers are beginning to understand and better utilize Teams as a potential attack vector. As Teams usage continues to increase, Avanan expects a significant increase in these sorts of attacks.”

Avanan’s Teams’ warning came just days after the San Francisco 49ers were hit with a ransomware attack. A hacker stole financial data from the NFL outfit and posted it on the dark web.

This article first appeared in IoT World Today’s sister publication AI Business.

About the Author

Ben Wodecki

Junior Editor - AI Business

Ben Wodecki is the junior editor of AI Business, covering a wide range of AI content. Ben joined the team in March 2021 as assistant editor and was promoted to junior editor. He has written for The New Statesman, Intellectual Property Magazine, and The Telegraph India, among others.

Sign Up for the Newsletter
The most up-to-date news and insights into the latest emerging technologies ... delivered right to your inbox!

You May Also Like