A new virus has been detected that impersonates Microsoft Teams: here's how to identify it
In recent days, cybersecurity experts have warned that ransomware or malware, identified as 'Rhysida', is using fake Microsoft Teams ads to spread to computers and encrypt users' files.
The attack, detected on search engines like Bing, occurs through advertising links that redirect to fake websites . The presence of this virus online was reported by the specialized publication 'Digital Trends,' which also warned about the use of digital certificates to bypass security systems.
Cybercriminals are demanding money for the 'release' of the files. Photo: iStock
According to Digital Trends, the cybercriminals behind 'Rhysida' buy advertising space on search engines to display links that appear to be official Microsoft Teams links.
When the user clicks on these ads, they are redirected to a page that mimics the company's download portal, but actually installs malware known as 'OysterLoader'.
Once executed, this malicious program allows attackers to access the infected computer , encrypt documents, and demand payment for their release. The method aims to deceive both individual users and organizations that use Teams for communication and collaboration.
Cybercriminals are demanding money for the 'release' of the files. Photo: iStock
According to the report, attackers use valid digital certificates to make the malicious installer appear safe and evade antivirus detection. This tactic increases the attack's effectiveness and makes early identification more difficult.
Microsoft has reiterated that Teams and its apps should only be downloaded from official sources, such as the company's website or verified app stores. Experts recommend avoiding sponsored links in search engines and keeping malware protection systems up to date.
ALEJANDRA HERNÁNDEZ TORRES
DIGITAL REACH EDITORIAL TEAM
More news in EL TIEMPO
eltiempo
