Malicious hackers can utilize Microsoft Teams to launch innovative phishing attacks and discreetly carry out commands to steal data via GIFs using a new attack method known as “GIFShell.”
The new attack pattern demonstrates how hackers can merge various Microsoft Teams flaws and security holes to reap the benefits of reliable Microsoft infrastructure and distribute malicious files, and orders, and perform data exfiltration via GIFs.
This attack chain can be highly destructive, especially in network security environments where Microsoft Teams may be one of a limited set of authorized, trusted hosts and apps, as per Raunch. The GIFShell stager can be persuasively dropped and implemented on the victim’s computer by exploiting two additional vulnerabilities found in Microsoft Teams, including a lack of permission enforcement and attachment spoofing.
Bobby Rauch, a cybersecurity expert, and pentester revealed multiple holes in Microsoft Teams that may be chained together for code execution, data theft, cybersecurity bypasses, and phishing attacks. This led Rauch to the discovery of the new attack chain.
This attack’s primary tool is referred to as “GIFShell,” and it enables an attacker to build a reverse shell that sends malicious commands via base64-encoded GIFs in Teams and exfiltrates the output using GIFs recovered by Mi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: