Hackers are taking over CEO accounts with rogue OAuth apps

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,154
Content source
https://www.bleepingcomputer.com/news/security/hackers-are-taking-over-ceo-accounts-with-rogue-oauth-apps/
Threat analysts have observed a new campaign named ‘OiVaVoii’, targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts.

According to a report from Proofpoint, the campaign is still ongoing, though Microsoft is monitoring the activity and has already blocked most of the apps.

The impact of executive account takeovers ranges from lateral movement on the network and insider phishing to deploying ransomware and business email compromise incidents.
Click to expand...
Four of the malicious OAuth apps used by the actors in this campaign have been blocked, but new ones are being created and employed in the same way.
Click to expand...
www.bleepingcomputer.com

Hackers are taking over CEO accounts with rogue OAuth apps

Threat analysts have observed a new campaign named 'OiVaVoii', targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: CyberTech, upnorth, Venustus and 3 others
You must log in or register to reply here.

Similar threads

upnorth
    • Like
    • +Reputation
Attackers abuse Microsoft’s 'Verified Publisher' Status to steal data
Replies
1
Views
525
News Archive
Zero Knowledge
Z
I
    • Like
Security News Microsoft explains how Russian hackers spied on its executives
Replies
1
Views
1,024
Security News
Vitali Ortzi
Vitali Ortzi
Gandalf_The_Grey
    • +Reputation
    • Wow
Malware News Russian military hackers target Ukraine with new MASEPIE malware
Replies
0
Views
1,166
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top