Security News > 2023 > December > Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
2023-12-13 10:55
Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious activity," the Microsoft Threat Intelligence team said in an
News URL
https://thehackernews.com/2023/12/microsoft-warns-of-hackers-exploiting.html
Related news
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts (source)
- Microsoft’s new AI agents take on phishing, patching, alert fatigue (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Tycoon2FA phishing kit targets Microsoft 365 with new tricks (source)
- Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins (source)
- Attackers phish OAuth codes, take over Microsoft 365 accounts (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)