Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns

Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard authentication protocol that uses tokens to grant applications access to server resources without having to use login credentials. Microsoft Threat Intelligence has observed a number of attacks that started with attackers compromising (either via phishing or password spraying) poorly secured accounts that have permissions to create, modify, and grant high … More →

The post …

abuse abusing access account hijacking accounts applications apps attackers attacks authentication bec scams campaigns credentials cryptojacking cryptomining don't miss grant high hot stuff intelligence large launch login login credentials microsoft microsoft 365 microsoft azure microsoft entra id microsoft threat intelligence oauth phishing privilege protocol resources scale server spam standard threat threat intelligence tokens