Microsoft representatives have warned that adversaries use OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious activity," the Microsoft Threat Intelligence team said in an analysis. The misuse of OAuth also enables threat actors to maintain access to applications even if the
oauth (2)
The Microsoft Security Intelligence team is warning that Office 365 customers are receiving phishing emails that aim to trick them into giving OAuth permissions to a bogus app that then lets attackers read and write emails. The team reported that attackers are sending the OAuth phishing emails to "hundreds" of Office 365 customers.
OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other we
