Vulnerability Management

Microsoft Teams GIFs leveraged in novel GIFShell attack

Threat actors could leverage Microsoft Teams GIFs to facilitate phishing attacks, data exfiltration, and command execution through the novel "GIFShell" attack technique, reports BleepingComputer. Numerous security vulnerabilities within Microsoft Teams have been chained to create the attack, which was discovered by cybersecurity consultant Bobby Rauch. GIFShell, the attack's primary component, enables the creation of a reverse shell that facilitates malicious command delivery through base64-encoded GIFs in MS Teams. Rauch noted that a malicious stager executable could then allow attackers to establish their dedicated MS Teams tenant, before commencing the attack using the GIFShell Python script. Despite the newly-discovered attack, Microsoft said that it will not issue any fixes immediately. "Weve assessed the techniques reported by this researcher and have determined that the two mentioned do not meet the bar for an urgent security fix. Were constantly looking at new ways to better resist phishing to help ensure customer security and may take action in a future release to help mitigate this technique," said Microsoft.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.