GIFShell attack creates reverse shell using Microsoft Teams GIFs

Kent Sharkey

Bleeping Computer[^]:

A new attack technique called ‘GIFShell’ allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using ... GIFs.

Beware of hackers bearing GIFs

"Microsoft supports sending HTML base64 encoded GIFs, but does not scan the byte content of those GIFs." <- because of course "no one" would ever do anything bad with those.

obermd

The new attack scenario, shared exclusively with BleepingComputer, illustrates how attackers can string together numerous Microsoft Teams vulnerabilities and flaws

This is why even low priority security vulnerabilities need to be patched.