GIFShell attack creates reverse shell using Microsoft Teams GIFs

struppigel

Moderator
Thread author
Verified
Staff Member
Well-known
Apr 9, 2020
656
A new attack technique called ‘GIFShell’ allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using ... GIFs.

The new attack scenario, shared exclusively with BleepingComputer, illustrates how attackers can string together numerous Microsoft Teams vulnerabilities and flaws to abuse legitimate Microsoft infrastructure to deliver malicious files, commands, and perform exfiltrating data via GIFs.

As the data exfiltration is done through Microsoft's own servers, the traffic will be harder to detect by security software that sees it as legitimate Microsoft Team's traffic.

More here: GIFShell attack creates reverse shell using Microsoft Teams GIFs
 

Pixelman

Level 4
Verified
Well-known
Jun 7, 2022
149
GIFs now:

girl door GIF
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top