Microsoft researchers: OAuth app used to automate phishing attacks and mine cryptocurrency
Microsoft researchers have discovered a series of cyber attacks where OAuth applications are used to automatically conduct phishing attacks, disrupt company emails, and secretly mine cryptocurrency. The hackers' targets are accounts that lack strong authentication mechanisms. They create new OAuth applications with high permissions through hijacked accounts, allowing malware to access systems without the user's knowledge.
In one case, an attacker with the username Storm-1283 used OAuth to deploy virtual machines for cryptocurrency mining. Depending on the duration of the attack, losses ranged from $10,000 to $1.5 million.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
[Initial Listing] Bitget Will List DePHY (PHY). Come and grab a share of 6,600,000 PHY
New spot margin trading pair — ES/USDT!
Bitget Trading Club Championship (Phase 1) – Make spot trades daily to share 50,000 BGB
SLPUSDT now launched for futures trading and trading bots
Trending news
MoreCrypto prices
More
