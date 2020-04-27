

Microsoft Teams Funny GIFs Vulnerability Mended

Microsoft has fixed a vulnerability in its Teams app that left users at risk of having their accounts taken over. 

The weakness, which involved exploiting some seemingly innocuous and entertaining GIFs, was discovered by researchers at CyberArk.

"We found that by leveraging a subdomain takeover vulnerability in Microsoft Teams, attackers could have used a malicious GIF to scrape users' data and ultimately take over an organization’s entire roster of Teams accounts," said CyberArk's researchers. 

Alarmingly, the vulnerability was found to be capable of spreading automatically "similar to a worm virus" and had the potential to affect every user of the desktop or web browser version of the Teams app. 

"Since users wouldn’t have to share the GIF—just see it—to be impacted, vulnerabilities like this have the ability to spread automatically," noted researchers.

"Imagine the following scenario. An attacker sends a GIF or an image to a victim and gets control over their account. This vulnerability worked just that way and had the potential to take over an organization’s entire roster of Microsoft Teams accounts."

Among the malicious GIFs identified by researchers was one in which a human-sized Donald Duck sweeps a row of cuddly Mickey Mouse toys from a shop display onto the floor, replacing them with toys in his own image. 

When a user viewed the malicious GIF, the attacker could use a compromised subdomain to steal that user's security tokens. Users receiving the GIF would have no clue that they were under attack.

"The victim sees a regular GIF sent to them—that’s it!" noted researchers. "The victim will never know that they’ve been attacked, making the exploitation of this vulnerability stealthy and dangerous." 

Threats that operate in this way pose a huge challenge for businesses, organizations, and individuals relying on communication platforms like Teams to keep in touch with family, friends, and colleagues during the current widespread COVID-inspired lockdowns. Researchers described this particular danger as "a nightmare from a security perspective."

CyberArk said it notified Microsoft of the vulnerability on March 23, and a patch was released earlier this week. There is no evidence it was ever exploited by cyber-criminals.
