If you are a regular user of Microsoft Teams, beware.Cyber security experts are warning of a new attack that is using fake versions of this popular service to fill PCs with worrying malware.The threat has been discovered by the team at Blackpoint SOC who say hackers are using adverts on search engines that entice users into installing fake versions of the Teams meeting application.
Read more: Free Windows 10 updates for another year in Europe but UK misses out Read more: Windows 10 risks will ‘increase over time’ if you don’t upgrade What makes things more terrifying is that the link embedded within the ad appears official and resembles a legitimate Teams client.That couldn't be further from the truth, as it silently deploys a persistent backdoor in the background without user awareness.Article continues below ADVERTISEMENTOnce downloaded, the attack then adds scary Broomstick malware onto the victim's laptop.
It's a vicious bug that can give cyber crooks full access to devices and even install software without the owner's permission.Explaining more, Blackpoint said: "Execution of the fake installer results in the deployment of the Oyster backdoor, also known as Broomstick.Oyster is a modular, multistage backdoor that provides persistent remote access, establishes Command and Control (C2) communications, collects host information, and enables the delivery of follow-on payloads.By hiding behind a widely used collaboration platform, Oyster is well positioned to evade casual detection and blend into the noise of normal enterprise activity."Apple's John Ternus shares insight into the new iPhone It's now vital that all Windows users take care before installing any versions of Teams.
If an update is needed or a download is taking place for the first time, then always head to the official website to get the application.Another tip is to be careful when searching for Teams as this is where the cyber crooks are cashing in by showing fake adverts and downloads that appear real.Article continues below ADVERTISEMENTYou can find out more about Teams here."This activity highlights the continued abuse of SEO poisoning and malicious advertisements to deliver commodity backdoors under the guise of trusted software," Blackpoint added."Threat actors are exploiting user trust in search results and well-known brands to gain initial access.To reduce exposure, users ar encouraged to download collaboration tools only from verified Microsoft domains and avoid reliance on search engine advertisements for critical software." SUBSCRIBE Invalid emailWe use your sign-up to provide content in ways you've consented to and to improve our understanding of you.
This may include adverts from us and 3rd parties based on our understanding.You can unsubscribe at any time.Read our Privacy Policy
