Your Microsoft Teams account might not be as secure as you thought: Hackers are spreading malware through the business software service.
Since January, researchers say, Microsoft Teams‘ 270 million users risked an attack in the form of a malicious executable trojan file attached to a conversation on the collaboration platform.
Once clicked, the file “will eventually take over the user’s computer,” according to the researchers, who have seen thousands of attacks.
It’s a particularly large concern given how many users feel they can let their guard down while using Teams. The lesson here: When it comes to cybersecurity, no one’s completely safe.
What to Know
Researchers at security company Avanan spotted the malware campaign last month. The malicious .exe files work by writing data into the Windows registry and installing DLL files along with the shortcut links needed for the program to self-deploy.
In an example of the self-installing file posted to the Avanan website, the malicious file in question is labelled “UserCentric.exe,” which is a pretty shameless move from the hackers.
How do the hackers sneak into Microsoft Teams in the first place? Avanan notes that there are multiple ways:
“They can compromise a partner organization and listen in on inter-organizational chats. They can compromise an email address and use that to access Teams. They can steal Microsoft 365 credentials from a previous phishing campaign, giving them carte blanche access to Teams and the rest of the Office suite.”
Hackers have been able to compromise Microsoft 365 accounts with the usual email phishing methods in the past, and now they’ve found a new use for those stolen credentials.
Misplaced Trust
Worse than the threat of a not-so-user friendly file, though, is how often sensitive information is shared within Microsoft Teams by people who think it’s safe.
An Avanan analysis found that doctors share their patient medical information “practically with no limits” on the Teams platform, for instance — even though they would never share that same data over an email. And ironically, it may be even easier to impersonate a CEO in Teams than over email.
Collaboration platforms are deeply useful tools for businesses everywhere, particularly given the ongoing pandemic that has elevated remote workers to far more visibility than ever before. But without the same security precautions that every other online space requires, collaboration platforms can be every bit as dangerous.
Staying Safe
As always, check the credentials of anyone who’s sharing a .exe file with you before hitting the download button. Avanan also recommends implementing a trojan-specific protection that downloads all files to a sandbox in order to “inspect them for malicious content.” A good business VPN and a password manager can add another layer of security as well.
While opting for a completely different platform won’t ensure full protection from bad actors, it will ensure any leaked Microsoft 360 logins won’t be your business’ downfall. We’ve ranked other top web conferencing solutions over here — they won’t replace everything Microsoft Teams’ feature-packed platform offers, but they might do what you need.
