- Apr 9, 2020
- 656
A new attack technique called ‘GIFShell’ allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using ... GIFs.
The new attack scenario, shared exclusively with BleepingComputer, illustrates how attackers can string together numerous Microsoft Teams vulnerabilities and flaws to abuse legitimate Microsoft infrastructure to deliver malicious files, commands, and perform exfiltrating data via GIFs.
As the data exfiltration is done through Microsoft's own servers, the traffic will be harder to detect by security software that sees it as legitimate Microsoft Team's traffic.
More here: GIFShell attack creates reverse shell using Microsoft Teams GIFs