Hackers are getting into Microsoft Teams chats to spread Trojan malware, according to reporting from Bleeping Computer. If you are one of the 270 million people who use Microsoft Teams every day, it may be time to make sure your account is locked down.
The article is based on research from Avanan, a firm dedicated to securing cloud email and collaboration platforms. The researchers found that starting in January, hackers would access compromised accounts and shared executable files titled “User Centric.” This file was a Trojan malware that would eventually take control of a user’s computer if they clicked on it.
Part of the reason the attack is so effective, Avanan claims, is because people trust Microsoft Teams (and other chat-based platforms). However, since Microsoft Teams is often used by professionals for file sharing, they are more likely to click on files without questioning the authenticity. If you use Microsoft Teams, make sure you read the file name before clicking on it.
Part of the onus here does fall on Microsoft, too. Teams isn’t exactly feature-rich when it comes to security and scanning files for malicious content. The ability for guests and other temporary users to share files also poses a security risk, though that isn’t necessarily how the hackers are spreading this particular malware.
It isn’t clear yet how the hackers are getting user data, so for now the best course of action is to be proactive. Make sure your password is secure (if you still have one), and make sure you have a reliable antivirus program on your computer.
Avanan recommends a few things to combat the spread of this malware (along with any others that pop up). It’s common sense, but worth repeating. You should have a solid antivirus program that scans and inspects files for malicious content, and contact your IT department if you receive any strange files.
- These are the apps that have kept me glued to the Quest Pro
- Hacker ranks explode — here’s how you can protect yourself
- Hackers target your holiday shopping with new phishing scam
- Half of Google Chrome extensions may be collecting your personal data
- What is Mastodon? Here’s why everyone’s talking about this Twitter alternative