Microsoft researchers: OAuth app used to automate phishing attacks and mine cryptocurrency
Microsoft researchers have discovered a series of cyber attacks where OAuth applications are used to automatically conduct phishing attacks, disrupt company emails, and secretly mine cryptocurrency. The hackers' targets are accounts that lack strong authentication mechanisms. They create new OAuth applications with high permissions through hijacked accounts, allowing malware to access systems without the user's knowledge.
In one case, an attacker with the username Storm-1283 used OAuth to deploy virtual machines for cryptocurrency mining. Depending on the duration of the attack, losses ranged from $10,000 to $1.5 million.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Subscribe to ETH Earn products for dual rewards exclusive for VIPs— Enjoy up to 10% APR and trade to unlock an additional pool of 50,000 USDT
Bitget Spot Margin Announcement on Suspension of SANTOS/USDT, MYRO/USDT, DUSK/USDT, PHB/USDT, ALPINE/USDT Margin Trading Services
CandyBomb x RAVE: Trade futures to share 200,000 RAVE!
Bitget TradFi: Trade gold, forex, and more assets in one account
Trending news
MoreCrypto prices
More
