Hackers using Microsoft Teams for phishing attacks to spread malware: Report
Cybercriminals are using Microsoft’s video conferencing platform Teams for a new malware campaign. According to a report by AT&T Cybersecurity research, hackers are using Microsoft Teams group chat requests as new phishing attacks to push malicious attachments that can install DarkGate malware payloads on victims’ systems. Researchers claim that the attackers may have used a compromised Teams user (or domain) to send over 1,000 malicious Teams group chat invites.
How these Microsoft Teams group chat requests can be harmfulThe report claims that once the malware is installed on a victim’s system, it will reach out to its command-and-control server. This server has already been identified as part of DarkGate malware infrastructure by Palo Alto Networks, report Bleeping Computer.
As per the report, the hackers were able to push this phishing campaign as Microsoft allows Teams users to message other users by default.
AT&T Cybersecurity network security engineer Peter Boyle has warned: “Unless absolutely necessary for daily business use, disabling External Access in Microsoft Teams is advisable for most companies, as email is generally a more secure and more closely monitored communication channel. As always, end users should be trained to pay attention to…
How these Microsoft Teams group chat requests can be harmfulThe report claims that once the malware is installed on a victim’s system, it will reach out to its command-and-control server. This server has already been identified as part of DarkGate malware infrastructure by Palo Alto Networks, report Bleeping Computer.
As per the report, the hackers were able to push this phishing campaign as Microsoft allows Teams users to message other users by default.
AT&T Cybersecurity network security engineer Peter Boyle has warned: “Unless absolutely necessary for daily business use, disabling External Access in Microsoft Teams is advisable for most companies, as email is generally a more secure and more closely monitored communication channel. As always, end users should be trained to pay attention to…
