Microsoft Teams “Chat With Anyone” Misused In Social Engineering Attack

Incident Highlighted Rising Risks Ahead of Feature’s Global Rollout

Published on Dec 3, 2025
Attackers have exploited Microsoft Teams’ new “Chat with Anyone” capability to impersonate internal IT staff and trick users into granting remote access.

The feature, introduced for early release in November 2025, allowed Teams users to message any email address, including non-Microsoft 365 accounts, via Entra B2B guest invitations.

Ontinue warned days ago that the feature could unintentionally draw users into “protection-free” external tenants lacking Microsoft Defender safeguards.

In a new advisory published on Tuesday, CyberProof said its MDR analysts identified suspicious Teams interactions on Nov. 4, 2025 that led to credential harvesting and the installation of a Python-compiled infostealer.

The cybersecurity experts said the method resembled tactics used by several human-operated ransomware groups, including Black Basta, which have increasingly relied on social engineering across collaboration platforms.

Multi-Stage Attack Leveraged Quick Assist And Built-In Reconnaissance Tools

The attack began when an external user, posing as “IT Support,” initiated Teams chats with multiple employees. The impersonator then escalated to a voice call and directed the targets to a phishing link designed to mimic a Quick Assist download page.

Victims who entered their login details unknowingly downloaded a malicious executable named updater.exe, which investigators later found to be signed by “WASSERMAN, LLC”.

Once executed, the malware attempted classic reconnaissance commands, such as listing domain controllers, mapping network routes, and terminating specific processes (preparation consistent with pre-ransomware staging). CyberProof confirmed that the attack was stopped when analysts blocked the outbound connection and isolated the affected endpoint.
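As an added illustration, not part of the CyberProof advisory or this article: a small Python detection rule that flags the staging pattern described above, a suspect binary followed within minutes by domain-controller listing, route mapping and process termination, over constructed endpoint events. The filename updater.exe and the signer "WASSERMAN, LLC" come from the report; the specific command lines and the 15-minute window are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample process events: (timestamp, host, command line, signer).
# The command lines are assumed, common examples of the three recon categories the
# report names; they are not quoted from the advisory.
SAMPLE_EVENTS = [
    ("2025-11-04T10:09:31", "WS01", "updater.exe", "WASSERMAN, LLC"),
    ("2025-11-04T10:10:02", "WS01", "nltest /dclist:corp", "Microsoft Windows"),
    ("2025-11-04T10:10:15", "WS01", "route print", "Microsoft Windows"),
    ("2025-11-04T10:10:40", "WS01", "taskkill /F /IM backupagent.exe", "Microsoft Windows"),
    ("2025-11-04T11:30:00", "WS02", "nltest /dclist:corp", "Microsoft Windows"),  # recon, no dropper
    ("2025-11-04T13:00:00", "WS03", "updater.exe", "WASSERMAN, LLC"),              # dropper only
    ("2025-11-04T14:00:00", "WS03", "route print", "Microsoft Windows"),            # outside window
]

# Reconnaissance categories from the report, keyed by a matcher on the command line.
RECON_CATEGORIES = {
    "list_domain_controllers": lambda c: c.startswith("nltest") and "/dclist" in c,
    "map_network_routes": lambda c: c.startswith("route"),
    "terminate_process": lambda c: c.startswith("taskkill"),
}
SUSPECT_SIGNERS = {"WASSERMAN, LLC"}  # signer named in the report; extend with your own watchlist
DROPPER_NAMES = {"updater.exe"}

def classify(cmd):
    """Map a command line to a recon category, or None if it is not one we track."""
    c = cmd.lower()
    return next((name for name, match in RECON_CATEGORIES.items() if match(c)), None)

def is_staging_binary(cmd, signer):
    return signer in SUSPECT_SIGNERS or cmd.split()[0].lower() in DROPPER_NAMES

def detect_staging_chains(events, window_minutes=15, min_categories=2):
    """Return one alert per host where a suspect binary is followed, inside the window,
    by at least `min_categories` distinct recon categories. Recon alone is not alerted,
    which keeps legitimate admin activity (WS02) out of the results."""
    by_host = defaultdict(list)
    for ts, host, cmd, signer in events:
        by_host[host].append((datetime.fromisoformat(ts), cmd, signer))
    alerts = []
    for host, evs in by_host.items():
        evs.sort()
        for i, (t0, cmd, signer) in enumerate(evs):
            if not is_staging_binary(cmd, signer):
                continue
            deadline = t0 + timedelta(minutes=window_minutes)
            seen = {classify(c) for t, c, _ in evs[i + 1:] if t <= deadline} - {None}
            if len(seen) >= min_categories:
                alerts.append({"host": host, "trigger": cmd, "signer": signer, "recon": sorted(seen)})
                break
    return alerts
```

On the constructed sample only WS01 is flagged: WS02 shows recon without a preceding dropper and WS03's recon falls outside the window.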

Microsoft recently provided guidance for disabling the feature using Teams Messaging Policies, including a PowerShell parameter that prevents guest invitations from unmanaged email addresses. While this restriction does not affect channel collaboration or established federation settings, it blocks unsolicited one-to-one chats from unknown external users.

To counter similar threats, CyberProof suggested that security teams limit what remote support tools are allowed, verify the identity of all external services, and implement additional identity protection mechanisms, such as MFA and Zero Trust Verification.

The researchers also warned that attackers may increasingly combine impersonation with audio, video, and deepfake content as social engineering evolves across enterprise collaboration platforms.