It also collects detailed information about the operating system and the hardware it runs on, along with the security state of the machine based on the OS version and the patches installed. The method used to gain access to Teams accounts remains unclear but some possibilities include stealing credentials for email or Microsoft 365 via phishing or compromising a partner organization.Īutomatic analysis of the malware distributed this way shows that the trojan can establish persistence through Windows Registry Run keys or by creating an entry in the startup folder. In a report, Avanan said that the threat actor inserts in a chat an executable file called “User Centric” to trick the user into running it.Once executed, the malware writes data into the system registry installs DLLs and establishes persistence on the Windows machine.
The Trojan is then used to install malware. exe files to Teams chats to install a Trojan on the end-user’s computer. For the last 3 months, thousands of attacks have been reported on MS Teams.
With increased traction and user base, MS Teams has had gained some unwanted attention from the hacking communities as well. Nearly 270 million users are relying on Microsoft teams every day. Microsoft Teams has been a hit with about 20 million users in November 2019 to 44 million+ in march 2020, then 75 million+ by April, and still increasing day by day. So, for the virtual meetings, Microsoft Teams secured its place (also thanks to its predecessor Skype). For major enterprises which are already tightly coupled with Microsoft solutions, sticking to MS Office solution was a no-brainer. With the advent of the covid-19 pandemic, most employees started to work remotely.
0 kommentar(er)
