Cybersecurity expert discovers a new attack tactic using Gifs on Microsoft Teams to install a virus or steal data.
“GIFShell installs malware on the device and can sneakily extract data under the guise of harmless GIF images. Rauch noted that the attack entails the exploitation of multiple vulnerabilities in MS Teams to create a chain of command executions.”
“Rauch stated that he notified Microsoft in May 2022. However, Microsoft claims that immediately releasing fixes for the attack is impossible. Moreover, the tech giant stated that the attack techniques “reported” by Rauch don’t meet the requisites for developing an urgent security fix”