Hackers Are Now Sending Malware Through Microsoft Teams at Work
A threat group is using Microsoft Teams to deliver dangerous malware. If you or your family use Teams for work or school, here's what you need to know now.
Source
GetCyberRight Intelligence
Original headline: Teams Malware Attack Warning
Plain-English summary by GetCyberRight. Read the full report at the source above.
What Just Happened
Cybercriminals have found a new way to attack people at work. A hacking group called UNC6692 is sending malicious software directly through Microsoft Teams chat messages. This isn't a phishing link you can avoid clicking. It's actual malware being delivered through a platform millions of people trust every day for work, school, and even family communication.
The Details
Microsoft Teams has become a daily tool for remote workers, students, and hybrid teams. Most people consider it safe because it's made by Microsoft and managed by their workplace IT departments. That trust is exactly what hackers are exploiting.
Here's how the attack works. Criminals send what looks like a normal Teams message to employees. The message contains malware disguised as something legitimate, like a work file or document. Because it comes through Teams rather than email, it bypasses many security systems that companies use to protect their networks. People are also less suspicious of Teams messages because they assume only coworkers and approved contacts can reach them.
The malware these hackers are using is custom built. That means it's specifically designed to avoid detection by common antivirus software. Once installed on a computer, it can steal passwords, access company files, or even spread to other devices on the same network.
Who Is Affected
Anyone who uses Microsoft Teams for work is potentially at risk. This includes remote workers, office employees, and hybrid workers who split time between home and office. If your family members use Teams daily, they could receive one of these malicious messages.
Schools and universities using Teams are also targets. Students, teachers, and administrators who trust messages from their educational network could accidentally download malware. The risk extends to home networks too. If someone opens malware on their work laptop while connected to home WiFi, it could spread to other family devices.
What You Should Do Right Now
Talk to family members who use Teams for work or school. Ask them to be suspicious of unexpected file attachments, even from people they know. Accounts get compromised, and hackers impersonate trusted contacts.
Stay one step ahead of scammers
Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.
Never download files from unknown Teams contacts. If you receive a message from someone outside your organization, verify their identity through another method before opening anything.
Enable multi-factor authentication on your Microsoft account. This adds a critical second layer of protection if your password gets stolen. Go to your Microsoft account security settings today.
Keep work and personal devices separate when possible. Don't use your work laptop for personal browsing or connect it to unsecured networks. This limits how far an infection can spread.
Report suspicious Teams messages to your IT department immediately. Even if you're not sure it's malicious, let the experts investigate. Fast reporting can prevent others from becoming victims.
The Bigger Picture
This attack represents a troubling shift in cybercrime tactics. Hackers are moving away from traditional email phishing toward trusted workplace tools. As families increasingly blend work and home technology, these professional security threats become household problems. Staying informed about emerging attack methods protects not just your job, but your entire family's digital safety.
How GetCyberRight Can Help
Our Cyber Threat Radar tool tracks exactly these kinds of emerging threats in real time. It monitors how criminals weaponize trusted platforms like Microsoft Teams and translates technical security alerts into clear, actionable guidance for families. When new malware delivery methods emerge, you'll know about them before they reach your household.
Curated from trusted cybersecurity sources by GetCyberRight
Source: GetCyberRight IntelligenceStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles
Why 30,000 People Fell for a Phishing Scam That Looked Like Google
A sophisticated phishing operation stole 30,000 Facebook accounts by hiding behind Google's trusted name. Here's what families need to know.
4 min read
Your Social Security Number May Already Be Public (And You'd Never Know)
Michigan residents discovered their SSNs displayed in public search engines. This isn't a hack—it's how data brokers operate every day.
3 min readYour Social Security Number May Already Be in Public Search Engines
A lawsuit against Thomson Reuters reveals how commercial search engines have been publicly displaying Social Security numbers from aggregated public records.
3 min read
Federal Patch Deadline Shows Small Businesses Share Big Security Risks
A critical vulnerability in cPanel affects millions of small business websites. Federal agencies have until Sunday to patch, and small businesses should follow suit.
4 min read