BitcoinWorld

Black_background_logo_BitcoinWorld-removebg-preview
Microsoft Warns That Cybercriminals Can Exploit OAuth Applications
Latest News News

Microsoft Warns That Cybercriminals Can Exploit OAuth Applications

  • December 14, 2023
  • 1 minute read
  • 5 months ago

Microsoft’s security team has warned that cybercriminals are exploiting a system called OAuth, which websites use to verify your identity.  

The criminals hijack user accounts to give themselves special access to the system.  By gaining control over these accounts, they can manipulate OAuth applications to gain extensive access and permissions, thus facilitating various forms of cybercrime, including illicit crypto mining.

How The OAuth Exploit Works

The exploitation of OAuth applications presents a complex challenge. Attackers first compromise user accounts through phishing or password-spraying attacks, particularly targeting accounts lacking strong authentication mechanisms.  

These accounts are then used to deploy VMs for crypto mining, establish persistence in the aftermath of BEC and launch spamming activities using the organization’s resources. 

Microsoft has tracked these activities extensively, enhancing the detection of malicious OAuth applications through tools like Microsoft Defender for Cloud Apps and preventing compromised accounts from accessing resources. 

See Also: Microsoft Plans To Launch AI-Focused Windows In 2024

How To Mitigate The Risks 

Microsoft’s analysis of these attacks has led to several recommendations for organizations to mitigate such threats.  

First, securing identity infrastructure is critical. The majority of the compromised accounts did not have multifactor authentication (MFA) enabled. 

This made them vulnerable to credential-guessing attacks. Implementing MFA can dramatically reduce the risk of such attacks. 

In addition to MFA, Microsoft advises enabling conditional access policies and continuous access evaluation, which revoke access in real time when risks are detected.  

Security defaults in Azure AD provide essential protection for organizations, especially those on the free tier of Azure Active Directory licensing. 

These include preconfigured security settings like MFA and protection for privileged activities. Organizations are also encouraged to audit apps and the permissions they have been granted to ensure they adhere to the principles of least privilege.

Tags:

  • About author
  • Disclaimer

Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.

Related Post

Latest News, Press Release

Top VCs Join EYWA’s Seed Round Led by

May 2, 2024
Latest News, Press Release

Is Pepe Stll Good Investment?! Top Cryptos That

May 2, 2024
Four Solana Meme Coins That Could Surge 8,000% and Take on Shiba Inu and Dogecoin
Latest News, News

Four Solana Meme Coins That Could Surge 8,000%

May 2, 2024
Cryptocurrency Exchange Binance Announced Its Latest Investment In Movement Labs
Latest News, News

Cryptocurrency Exchange Binance Announced Its Latest Investment In

May 2, 2024
Dogecoin Loses 20% In 7 Days, But Can This Group Turn Things Around?
Latest News, News

Dogecoin Loses 20% In 7 Days, But Can

May 2, 2024