Over a quarter of a billion people use Teams every month.
Under the current lockdown/isolate/work-from-home regimes, it is a vital tool for most of us. Many organisations including us even use it for our phones because it is so flexible and excellent value.
You can imagine our horror to read that there are signs of hackers starting to explore putting malicious content into chat conversations.
(By the way, if they can do it to Teams, they are also doing it with Zoom and any other similar tools.)
“Avanan” is a business that is part of Check Point. They are one of many cyber-security research businesses around the world constantly monitoring threats. They tell us that they started to detect threats in January this year.
What happens is the hacker simply copies an executable piece of code into the chat and tricks the user into running it. That means it bypasses the inbound email security scanning and the website scanning.
The example they shared was called ‘user centric” and included code that installed itrself into Windows and would let the hacker take control – even stealing your credentials.
Lessons:
1. Apply your normal caution before installing any software, irrespective of how it comes to you
2. Make sure the people on your video call/chat ARE who you think they are
3. Use strengthened device protection in place of regular AV (XDR – “Extended detection and response”) such as the tools inclded in KARE for Security S2.
4. Ask for help if you aren’t sure – better safe than sorry
Good news for KARE for Security clients
Microsoft recently extended their Defender/ATP protection into Microsoft Teams. We have tested it and we’re now retrofitting it to all KARE for Security subscribers.
Source : Hackers slip into Microsoft Teams chats to distribute malware (bleepingcomputer.com)