Securelist
Device Code Phishing Attack Targets Microsoft OAuth Users
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A recent phishing campaign exploits the Device Authorization Grant in Microsoft's OAuth 2.0 implementation. Attackers direct victims to input credentials on a legitimate Microsoft site, bypassing traditional phishing defenses. This method targets users of IoT devices and smart TVs, allowing unauthorized access to their accounts. The attack leverages the device code flow, which is designed for input-constrained devices, making it particularly insidious. Security experts emphasize the need for enhanced awareness and defensive measures against such tactics. No specific CVEs or tools were mentioned in the articles, but the attack method is well-documented. The situation is ongoing, with recommendations for users to remain vigilant.
Key Points: • Phishing campaign exploits Microsoft's Device Authorization Grant for OAuth 2.0. • Attackers use legitimate Microsoft sites to trick users into entering credentials. • The method targets IoT devices and smart TVs, increasing the risk of unauthorized access.