You might be vulnerable to this new attack if you have a Microsoft 365 account
If you have a Microsoft 365 account, you could be at risk: hackers are using a sophisticated scam built on social engineering to get your private information.
The cybersecurity company Volexity claims that Russian hackers took control of Microsoft 365 accounts by taking advantage of a valid OAuth 2.0 authentication process.
In particular, Russian cybercriminals are mainly using social engineering techniques to target Microsoft 365 accounts that belong to people connected to Ukraine and human rights.
In order to contact victims, attackers usually pose as European officials or use hacked Ukrainian government accounts. Popular apps like Signal and WhatsApp are frequently used for communication.
Hackers deceive victims into handing over OAuth 2.0 authorization tokens or clicking on malicious links hosted on Microsoft infrastructure.
These codes, which are good for 60 days, give access to email and other Microsoft 365 features.
Notably, this code also showed up in the address bar as a component of a URI. According to the researchers, the majority of other instances merely produced blank pages, but Visual Studio Code seems to have been set up to make it easier to extract and share this code.
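A defensive check for the pattern described above, as an added example that is not from the original article or from Volexity: it scans message text for URLs whose query or fragment carries an OAuth 2.0 authorization `code` parameter, so the value can be redacted before the link is shared. The host names, the sample message and the 20-character length threshold are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

URL_RE = re.compile(r"https?://[^\s<>\"']+")
MIN_CODE_LEN = 20  # assumption: authorization codes are long opaque strings


def _is_auth_code(key, value):
    # RFC 6749 names the authorization response parameter "code".
    return key.lower() == "code" and len(value) >= MIN_CODE_LEN


def _redact(component):
    """Redact authorization codes in a query or fragment string."""
    pairs = parse_qsl(component, keep_blank_values=True)
    if not any(_is_auth_code(k, v) for k, v in pairs):
        return component, False  # leave unrelated components untouched
    cleaned = [(k, "REDACTED" if _is_auth_code(k, v) else v) for k, v in pairs]
    return urlencode(cleaned), True


def find_oauth_code_urls(text):
    """Return (original_url, redacted_url) for each URL carrying a code."""
    hits = []
    for match in URL_RE.finditer(text):
        url = match.group(0).rstrip(".,);")
        parts = urlsplit(url)
        query, in_query = _redact(parts.query)
        fragment, in_fragment = _redact(parts.fragment)
        if in_query or in_fragment:
            safe = urlunsplit(parts._replace(query=query, fragment=fragment))
            hits.append((url, safe))
    return hits


# Constructed sample message: one URL with a long code, one with a short,
# unrelated "code" parameter that must not be flagged.
SAMPLE_MESSAGE = (
    "Here is the link from my browser: "
    "https://login.example/redirect?code=0.AXYZ-constructed-sample-value-1234567890&state=abc123 "
    "and the agenda is at https://docs.example/meeting?id=42&code=EU"
)

if __name__ == "__main__":
    for original, safe in find_oauth_code_urls(SAMPLE_MESSAGE):
        print("authorization code found; share only:", safe)
```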
In order to get around two-factor authentication and even fool users into approving phony apps, hackers are also using Microsoft IDs to register new devices.
Because the hackers are using Microsoft's own infrastructure, this scam is extremely hard to detect.
In addition, to avoid suspicion, attackers use proxy networks to imitate the victim's location.
Hackers can read private emails, access private files, and even maintain unauthorized access if they manage to get their hands on stolen OAuth 2.0 tokens.