Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.

In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user’s computer, according to a report published Thursday.

“Using an executable file, or a file that contains instructions for the system to execute, hackers can install DLL files and allow the program to self-administer and take control over the computer,” cybersecurity researcher and analyst at Avanan Jeremy Fuchs wrote in a report. “By attaching the file to a Teams attack, hackers have found a new way to easily target millions of users.”