GIFShell attack creates reverse shell using Microsoft Teams GIFs


Threat actors can utilise Microsoft Teams to launch unique phishing attacks and surreptitiously carry out commands to collect data thanks to a new attack method termed “GIFShell.” GIFs.

The new attack scenario, which was revealed to BleepingComputer exclusively, demonstrates how attackers can combine various Microsoft Teams flaws and vulnerabilities to take advantage of reliable Microsoft infrastructure and distribute malicious files, commands, and perform data exfiltration via GIFs. Read More…