Hackers can abuse Microsoft Teams updater to install malware

Source
https://www.bleepingcomputer.com/news/security/hackers-can-abuse-microsoft-teams-updater-to-install-malware/
silversurfer

silversurfer

Level 69
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
5,819
Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location.

Previous efforts from Microsoft to eliminate this hazard work to an extent but cannot stop attackers from abusing Teams to plant and run their payloads.

A patch for the new method is unlikely to emerge, as Microsoft labeled this a design flaw and a fix would have a negative impact on some customers’ operations.
Click to expand...
Researchers full report below:
www.trustwave.com

Microsoft Teams Updater Living off the Land

During this global pandemic COVID-19 situation, there has been an increasing trend of video conferencing solutions, Trustwave SpiderLabs are exercising extra vigilance in monitoring the video conferencing traffics.
www.trustwave.com www.trustwave.com
 
  • Wow
  • Like
  • +Reputation
Reactions: upnorth, Gandalf_The_Grey, SecurityNightmares and 2 others
You must log in or register to reply here.

Similar threads

LASER_oneXM
Windows Update can be abused to execute malicious programs
Replies
0
Views
417
News Archive
LASER_oneXM
LASER_oneXM
CyberTech
Windows 10 background image tool can be abused to download malware
Replies
2
Views
660
News Archive
jogs
jogs
silversurfer
Single Malicious GIF Opened Microsoft Teams to Nasty Attack
Replies
1
Views
529
News Archive
ctm_rookie
ctm_rookie
Top