Microsoft Teams has over 270 million active monthly users, making it a prime target for hackers.
Researchers Have Spotted Thousands of Teams Attacks Since January
There are two key components to this attack. The first is gaining access to Microsoft Teams accounts, and the second is spreading disguised malicious files. According to security company Avanan, hackers can get access to user accounts in a number of ways. They can use email or Microsft 365 account credentials from previous phishing campaigns or compromise a partner organization to access chats. “Hackers, who can access Teams accounts via East-West attacks, or by leveraging the credentials they harvest in other phishing attacks, have carte blanche to launch attacks against millions of unsuspecting users,” Avanan stated. Once the malicious actors gain access, they drop malicious .exe files titled ‘User Centric,’ into conversations. If executed, the files install a trojan onto the victim’s device, which consequently installs malware. As a result, the hackers gain complete access to the victim’s device. “Using an executable file, or a file that contains instructions for the system to execute, hackers can install malicious file libraries (DLL files) that allow the program to self-administer and take control over the computer,” Avanan added. Since first spotting the attacks in January 2022, Avanan said it has seen thousands of attacks every month.
Hackers are Taking Advantage of User Trust in Teams
The hackers’ modus operandi is fairly straightforward in comparison to many other cyber attacks. However, it works because it takes advantage of the inherent trust users have in the platform. Usually, files received on teams are not met with similar suspicion as those over email. To make matters worse, Teams does not offer a high level of protection against malicious files. In fact, in Avanan’s previous research with hospitals that use Teams, they found that doctors share patient medical data without any limits on the platform. “Medical staff generally know the security rules and risk of sharing information via email but ignore those when it comes to Teams,” the report reads.
What Can You Do to Protect Yourself?
It is important to treat suspicious messages you receive on Teams with the same level of caution as shady emails. Should you receive a sketchy message or file, flag your IT coordinator at once. The first level of access for a hacker is through compromised credentials. These days, hackers rely on phishing campaigns to steal a large trove of credentials. Read up more about phishing and how you can protect yourself here. You also need to protect yourself from trojans, as they can infect devices with malicious files. As Avanan pointed out, the Microsoft Teams platform does not provide a sufficient level of protection from malware and computer viruses. Our recommendation is to sign up for top-quality antivirus software. To protect yourself from trojans, you could check out Kaspersky, which also offers a 30-day free trial. You can find our detailed Kaspersky review here. Alternatively, you can try Bitdefender, which offers a wide range of services and comes at a great price point. Check out our guide to learn more about Bitdefender. Click the button below if you believe it is the right antivirus for you. For more information about our recommended antivirus software, visit this article with the best antivirus.