Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard authentication protocol that uses tokens to grant applications access to server resources without having to use login credentials. Microsoft Threat Intelligence has observed a number of attacks that started with attackers compromising (either via phishing or password spraying) poorly secured accounts that have permissions to create, modify, and grant high … More

The post Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns appeared first on Help Net Security.