Sneaky Malware Spoofs Work Apps to Steal M365 Logins

Hackers are targeting Microsoft 365 accounts by spoofing popular work apps like Adobe and DocuSign to steal login credentials and deliver malware. They exploit compromised accounts to distribute malicious OAuth apps, leading victims to phishing pages for credential theft.

X64

Mar 18, 2025 1 min read

🔍 Cyber alert! Microsoft 365 accounts face threats from malware spoofing popular work apps. Experts urge caution with app permissions. Stay informed! #CyberSecurity #TechRadar

Cybercriminals use compromised accounts to distribute malicious OAuth apps that imitate popular apps, leading to credential theft and malware distribution.
The attacks primarily target various sectors in the US and Europe, requiring users to grant specific permissions that facilitate further phishing attempts.
The campaign uses social engineering tactics, like ClickFix, to trick users into downloading malware via deceptive browser prompts.

Techradar: Microsoft 365 accounts are under attack from new malware spoofing popular work apps

Sneaky Malware Spoofs Work Apps to Steal M365 Logins

FCC Takes Charge: New Council to Tackle Foreign Threats

Taara Takes Off: Alphabet's Laser Internet Leap

All Things Cyber–

Sneaky Malware Spoofs Work Apps to Steal M365 Logins

FCC Takes Charge: New Council to Tackle Foreign Threats

Taara Takes Off: Alphabet's Laser Internet Leap

You might also like

Arm Wrestles Data Centers?

Tariff Trouble for Framework

Wiki vs. AI: Bandwidth Battle!

Study Smarter with Claude AI!

All Things Cyber–