Microsoft researchers: OAuth app used to automate phishing attacks and mine cryptocurrency
Microsoft researchers have discovered a series of cyber attacks where OAuth applications are used to automatically conduct phishing attacks, disrupt company emails, and secretly mine cryptocurrency. The hackers' targets are accounts that lack strong authentication mechanisms. They create new OAuth applications with high permissions through hijacked accounts, allowing malware to access systems without the user's knowledge.
In one case, an attacker with the username Storm-1283 used OAuth to deploy virtual machines for cryptocurrency mining. Depending on the duration of the attack, losses ranged from $10,000 to $1.5 million.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.