Skip to main content

Hackers can now sneak malware into the GIFs you share

How low will malware go to get onto your device? We thought using Minecraft to gain access to your computer was the most nefarious method hackers have produced, but there’s a new, even lower type of attack that uses Microsoft Teams and GIFs to mount phishing attacks on your computer.

The new attack is called GIFShell and it installs malware on your computer to steal data. It does so by sneaking itself into innocent-looking GIFs and then waiting for you to share the GIF with your colleagues via Microsoft Teams.

A video call in progress on Microsoft Teams.
Image used with permission by copyright holder

The problem was discovered by cybersecurity expert Bobby Rauch, who shared his findings exclusively with Bleeping Computers. This new GIF attack exploits multiple vulnerabilities in Microsoft Teams to create a chain of command executions.

Recommended Videos

The only thing the attackers need is a way to get into Microsoft Teams in the first place, and they have settled on one of everyone’s favorite web items: GIFs. The attacks include malicious code in base64 encoded GIFs. They then use Microsoft’s own web infrastructure to unpack the commands and install them directly on your computer.

Microsoft Teams is fairly secure and has multiple levels of protection against malicious file sharing. However, GIFs are usually benign, and people love sharing them. They’re the perfect conduit for attacks.

The files can spoof your computer into opening Windows programs such as Excel. It can then send data back to its originator by tricking Windows into connecting to a remote server.

Rauch disclosed his findings to Microsoft in May 2022, but the company has yet to fix the flaws. Microsoft told Bleeping Computers the GIF attacks “do not meet the bar for an urgent security fix.”

The best thing you can do for now is to not open any GIFs someone may share with you on Teams. We’ll keep an eye on this story and let you know when, and if, Microsoft gets around to fixing the vulnerability.

Nathan Drescher
Former Computing Writer
Nathan Drescher is a freelance journalist and writer from Ottawa, Canada. He's been writing about technology from around the…
The delay is over — you can now generate images with ChatGPT for free
OpenAI ChatGPT image

After an explosive launch, a viral trend, and some melted GPUs, the new image generation feature for ChatGPT is now available to free users. The feature originally launched on March 25 but because paid subscribers utterly flooded OpenAI with requests for Ghiblified images, CEO Sam Altman announced the next day that the rollout to free users would be delayed "a while."

Luckily, it appears this delay is over just five days later -- Altman has already published another X post saying that "image gen [is] now rolled out to all free users!"

Read more
You can now have secret chats with Google’s Gemini in incognito mode
Launching Gemini Deep Research query on Chrome desktop.

You can now have a quick chat with Gemini on your web browser without having to sign in first. And, to speed up the process, the Gemini website even takes you directly to the chat window instead of showing you a landing page first.

This move, spotted by 9To5Google, is pretty smart as it allows unconvinced users to try out the product with no strings attached. With any luck, they'll enjoy the experience and decide to sign up to get access to more of the features.

Read more
DeepSeek has a new rival, and you can try it out right now
A screenshot of Alibaba's Qwen Chat.

Alibaba has just unveiled its latest reasoning model, and it seems that DeepSeek and OpenAI might have something to worry about -- at least if all of Alibaba's promises turn out to be true. It's open-source, so I checked it out. You can try it out for free, too, although unsurprisingly, you'll find that there are some things it won't talk to you about.

The new model, dubbed QwQ-32b (Quan-with-Questions) runs on much fewer parameters, meaning that it requires less resources, but Alibaba claims that it performs at the same level as DeepSeek or OpenAI's o1-mini.

Read more