Is It Possible To Exploit User Data Via GIFs? That's What Happened To A Microsoft App

Anil - Apr 30, 2020


Is It Possible To Exploit User Data Via GIFs? That's What Happened To A Microsoft App

Private data exploited through Microsoft Teams includes secret information, passwords, business plans, and so on.

Together with many video conferencing apps, Microsoft Teams has witnessed phenomenal growth in popularity during the COVID-19 pandemic and resultant work-from-home policies. However, they have had to cope with new difficulties, especially privacy concerns, which could become a huge threat for corporates. 

Microsoft Teams App 1
Microsoft Teams.

Last month, security researchers at CyberArk discovered a flaw in both desktop and web browser versions of Microsoft Teams  Surprisingly, the affected account and its related computer’s data were nearly at risk because of a … GIF.

As it turned out, when the user saw a particular GIF that had been sent to them, the hacker behind the background could utilize a compromised subdomain to steal security tokens and exploit the database of that user. 

This vulnerability is undoubtedly severe because it can spread far and wide with no need for manual interference. According to CyberArk, in the end, the hacker could gain access to all of your private data through your Teams accounts, which include secret information, competitive data, passwords, business plans, and so on. 

Microsoft Teams App 3
Private data exploited through Microsoft Teams includes secret information, passwords, business plans, and so on.

Moreover, the situation may get worse if this security flaw was exploited to send false information to employees under the name of a company’s honorable leadership, causing the following damages such as financial crisis, confusion, data leakage, etc. 

It seems that those companies using their exclusive Teams account for internal communication might reduce the possibility of that security flaw; however, as explained by CyberArk, a simple invitation to a conference call with an outsider can put your account at a high level of risk. 

Fortunately, after the flaw had been reported to Microsoft on 23rd March, it was addressed and fixed in the latest update on 20th April. It was the result of a collaboration between CyberArk and Microsoft Security Research Center under Coordinated Vulnerability Disclosure, which received a lot of tremendous compliments. Until now, no account has been recorded to have been compromised by cybercriminals.

Comments

Sort by Newest | Popular

Next Story

Read more

Llama-Based 'Antibody Cocktail' Can Treat COVID-19 Patients In Severe Condition

Features- Jul 15, 2020

Llama-Based 'Antibody Cocktail' Can Treat COVID-19 Patients In Severe Condition

Scientists have created a therapy to boost the human immune system for COVID-19 treatment using Fifi the llama’s evolved antibodies.

Indian Government Orders Notifying If An Online Product Is From China

Features- Jul 14, 2020

Indian Government Orders Notifying If An Online Product Is From China

E-commerce platforms have been ordered by the Indian government to clearly display the products’ country of origin when uploading them on their sites.

Cricket App Live: Best Options For iOS, Android, And PC

Features- Jul 15, 2020

Cricket App Live: Best Options For iOS, Android, And PC

Whatever device you have, Android, iOS, or PC, there are good options for cricket app live that can satisfy your needs for the latest updates

Burger King Tries To Make Its Cows Fart Less To Save The Environment

Features- Jul 15, 2020

Burger King Tries To Make Its Cows Fart Less To Save The Environment

Burger King is trying to reduce the methane waste its cows emit by tweaking the animals’ diet. What it does is to add lemongrass to the cattle feed

Indian Firm Took Part In Building World’s 1st Fusion Reactor

Features- Jul 13, 2020

Indian Firm Took Part In Building World’s 1st Fusion Reactor

The world's 1st fusion reactor, ITER, or the International Thermonuclear Experimental Reactor is a $23.7 billion project funded by 35 nations.

You Would Not Believe These Are The Most Popular Songs People Masturbate To

Features- Jul 14, 2020

You Would Not Believe These Are The Most Popular Songs People Masturbate To

These are the top songs people masturbate to. If none of them works for you, we have our own suggestions you may want to take a look