Security researchers warn that some attackers are compromising Microsoft Teams accounts to slip into chats and spread malicious executables to participants in the conversation.
More than 270 million users are relying on Microsoft Teams every month, many of them trusting the platform implicitly, despite the absence of protections against malicious files.
Simple but efficient method
Researchers at Avanan, a Check Point company that secures cloud email and collaboration platforms, found that hackers started to drop malicious executable files in conversations on Microsoft Teams communication platform.
The attacks started in January, the company says in a report today, and the threat actor inserts in a chat an executable file called “User Centric” to trick the user into running it.
Once executed, the malware writes data into the system registry installs DLLs and establishes persistence on the Windows machine.
“In this Teams attack, hackers have attached a malicious Trojan document to a chat thread. When clicked on, the file will eventually take over the user’s computer” – Avanan
Manage Microsoft Teams settings for your organization
Here you can turn on or turn off file sharing and cloud file storage options. read Article and turn off file sharing
Users can upload and share files from cloud storage services in Teams channels and chats. Cloud storage options in Teams currently include Dropbox, Box, Citrix files, Google Drive, and Egnyte. Turn on the switch for the cloud storage providers that your organization wants to use.
Using either the above solution and fixing the issues or
Use Bitdefender/MspPortal Partners malware protection in combination of Barracuda/MspPortal Partners Spam, Phishing malware protection
Roy Miehe | MspPortal Partners Inc. | Ceo/President Bitdefender /MSP Aggregator – Distributor “Where Service and Technical Skills Count”