Malicious GIFs could hijack your Microsoft Teams account

Security researchers have uncovered a vulnerability in video conferencing service Microsoft Teams that could allow hackers to scrape data and hijack accounts using malicious GIFs.According to the report, the subdomain takeover vulnerability allows hackers to steal login credentials, take over accounts and further sow infected images – and eventually seize control of an organization’s entire account roster.Discovered by US-based security firm CyberArk, the Microsoft Teams flaw affects both desktop and web browser clients. Reportedly, users do not have to share or interact with the infected GIF to be affected – only receive it.
Major Microsoft Teams update brings host of new featuresWhat is Microsoft Teams? How it works, tips and tricks and best alternativesMicrosoft Teams doubles down on security advice
Microsoft Teams security flaw
In line with similar growth seen by its video conferencing rivals, Microsoft Teams surged to 44 million daily active users in mid-March as a result of coronavirus lockdown measures – a figure that is likely even higher at the time of writing.Meteoric growth among video conferencing services has also attracted heightened attention from cybercriminals looking to take advantage of remote workers. As a result, market leading services such as Zoom have been left scrambling to shore up any potential chinks in their security armor. The Microsoft Teams exploit discovered by CyberArk makes use of a quirk in the way the application handles image resources, such as GIFs. Each infected user can be converted into “spreading points” and the malicious image can also be delivered to group channels, accelerating the rate of infection.The capacity for a stealth-based attack makes this variety of attack especially potent – by the time the incident is detected, many (if not all) accounts could have been compromised.According to Geraint Williams, CISO at risk management firm GRCI, effective identity and access management can go a long way towards mitigating against attacks of this kind.“With tools like Teams, it is so important to ensure that only approved and regulated users can access the platform and post in collaboration activities – it all boils down to having robust user access controls and strong authentication processes in place,” he told TechRadar Pro.“It’s also crucial that you regularly attack these defences yourself so you can assess them for weak points…so you can simulate malicious insiders and identify the extent of the damage attackers can cause.”Microsoft did not immediately respond to our request for comment, but a fix was reportedly issued after CyberArk altered the company to the vulnerability.
Here’s our list of the best video conferencing software on the market