Hackers can now sneak malware into the GIFs you share

How low will malware go to get onto your device? We thought using Minecraft to gain access to your computer was the most nefarious method hackers have produced, but there’s a new, even lower type of attack that uses Microsoft Teams and GIFs to mount phishing attacks on your computer.

The new attack is called GIFShell and it installs malware on your computer to steal data. It does so by sneaking itself into innocent-looking GIFs and then waiting for you to share the GIF with your colleagues via Microsoft Teams.

The problem was discovered by cybersecurity expert Bobby Rauch, who shared his findings exclusively with BleepingComputer. This new GIF attack exploits multiple vulnerabilities in Microsoft Teams to create a chain of command executions.

The only thing the attackers need is a way to get into Microsoft Teams in the first place, and they have settled on one of everyone’s favorite web items: GIFs. The attacks include malicious code in base64-encoded GIFs. They then use Microsoft’s own web infrastructure to unpack the commands and install them directly on your computer.
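For defenders, an added example (not from the article or from Rauch's research): this Python check decodes a base64-encoded GIF, walks its block structure, and reports bytes that are not image data, namely comment extensions and anything after the GIF trailer. Where a payload would actually sit is an assumption here, and the sample GIF and function names are constructed for illustration.

```python
import base64

# Constructed sample: a minimal valid 1x1 GIF89a (43 bytes), not taken from any attack.
CLEAN_GIF = bytes.fromhex(
    "474946383961" "0100010080" "0000"      # header, logical screen descriptor
    "000000ffffff" "21f90401000000" "00"    # global color table, graphic control ext
    "2c000000000100010000" "02" "024401" "00" "3b"  # image, LZW data, trailer
)

def color_table_len(packed):
    # Bit 7 flags a color table; the low 3 bits n give 3 * 2**(n + 1) bytes.
    return 3 * (1 << ((packed & 0x07) + 1)) if packed & 0x80 else 0

def read_sub_blocks(data, pos):
    """Walk length-prefixed sub-blocks; return (offset past terminator, payload)."""
    payload = bytearray()
    while pos < len(data):
        size = data[pos]
        if size == 0:
            return pos + 1, bytes(payload)
        payload += data[pos + 1:pos + 1 + size]
        pos += 1 + size
    raise ValueError("truncated GIF")

def inspect_base64_gif(b64_text):
    """Decode a base64 GIF and return the bytes that are not image data."""
    data = base64.b64decode(b64_text, validate=True)
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF")
    found = {"comments": [], "trailing": b""}
    pos = 13 + color_table_len(data[10])
    try:
        while True:
            marker = data[pos]
            if marker == 0x3B:                  # trailer: the image ends here
                found["trailing"] = data[pos + 1:]
                return found
            if marker == 0x2C:                  # image descriptor + pixel data
                pos += 10 + color_table_len(data[pos + 9]) + 1
                pos, _ = read_sub_blocks(data, pos)
            elif marker == 0x21:                # extension block
                label = data[pos + 1]
                pos, payload = read_sub_blocks(data, pos + 2)
                if label == 0xFE:               # comment extension
                    found["comments"].append(payload)
            else:
                raise ValueError("unknown block 0x%02x" % marker)
    except IndexError:
        raise ValueError("truncated GIF") from None
```

A clean GIF returns empty findings; non-empty `comments` or `trailing` marks a file worth a closer look, not proof of compromise.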

Microsoft Teams is fairly secure and has multiple levels of protection against malicious file sharing. However, GIFs are usually benign, and people love sharing them. They’re the perfect conduit for attacks.

The files can spoof your computer into opening Windows programs such as Excel. They can then send data back to their originator by tricking Windows into connecting to a remote server.

Rauch disclosed his findings to Microsoft in May 2022, but the company has yet to fix the flaws. Microsoft told BleepingComputer the GIF attacks “do not meet the bar for an urgent security fix.”

The best thing you can do for now is to not open any GIFs someone may share with you on Teams. We’ll keep an eye on this story and let you know when, and if, Microsoft gets around to fixing the vulnerability.

Nathan Drescher
Former Digital Trends Contributor
Nathan Drescher is a freelance journalist and writer from Ottawa, Canada. He's been writing about technology from around the…