Like most other chat apps, it allows those who use it to send amusing animated Gif images.
Unfortunately, that proved to be problematic.
Recently, researchers from CyberArk discovered a serious security issue with Teams that allowed hackers to exploit the Gif function to compromise a user’s account and steal data. To exploit the flaw, hackers could simply compromise the subdomain serving up a poisoned Gif image. Then, simply by viewing the image, the hackers could gain access.
CyberArk notified Microsoft of the existence of the flaw on March 23rd, 2020, and the company moved quickly to patch the issue. So if you use Teams, know that there’s nothing you have to do beyond making sure your system is updated and you’re using the latest version of the app.
While it’s true that compromising a subdomain to serve up poisoned Gifs isn’t a trivial undertaking, it’s certainly not a daunting challenge for an experienced hacker. Although, the researchers at CyberArk pointed out that its main use would be to select high value targets, as opposed to being a mainstream, widely utilized tactic.
Even so, kudos to the sharp-eyed researchers at CyberArk for catching the issue, and to Microsoft for moving so quickly to correct it. The insidious part about issues like these is that they’re virtually impossible to track or trace. There’s no footprint that gets left behind and users would likely never even know they had been targeted.
Unfortunately, given the dramatic rise in popularity of workplace collaboration tools like Microsoft Teams, they have become increasingly tempting targets. Hackers around the world are constantly probing their capabilities, looking for new ways to exploit them and gain advantage. Stay vigilant, it’s dangerous out there.