Microsoft Teams Chat acting as a malware spread point


Microsoft Teams, a chat-based service, has been in the news for spreading malware, and the Satya Nadella-led company has taken note of the situation and acknowledged it with a fix.

The chat-based service, which is claimed to be used by over 270 million users, has been trending in the news since last weekend for spreading malicious executable files to participants in conversations.

As soon as the tech giant was informed of the vulnerability, it pressed its engineers into action, and they came up with a fix within a few hours of the detection/alert.

Microsoft says that it rolled out a patch in the early hours of Tuesday, so all Teams users will get their software auto-updated in a couple of days.

Security researchers from Avanan, a subsidiary of Check Point Technologies, were the first to detect that hackers can inject malicious files into conversations on the Microsoft Teams communication platform. They alerted the world by issuing a report stating that the malware has disrupted many companies operating in the Great Lakes area and Michigan, particularly targeting team chats hosted on servers of various media outlets.

Avanan says that the threat actors have inserted a malicious file into a chat as a “User Centric” update, thus inducing the user to run it. Once run, the malicious software writes data into the system registry, installs DLLs and establishes persistence on the Windows machine.

The menace doesn’t end there: the threat actors can remotely customize the malware into a credential-stealing tool for email or Microsoft 365, making it a launch pad for phishing campaigns against partner/eco-partner companies.

So far, companies serving the healthcare sector and using the Teams chat application have also fallen prey to the malware, say experts from Avanan, and the list of victims keeps growing.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
