Washington, D.C. – March 17, 2025 –Hackers use fake Adobe & DocuSign apps to hijack Microsoft 365! OAuth permissions let them steal data & spread malware.
Cybercriminals are now weaponizing trusted brands to hijack Microsoft 365 accounts. In a newly uncovered attack, hackers have been using fake Adobe and DocuSign OAuth apps to steal credentials and deploy malware, putting thousands of businesses at risk.
The malicious apps, which impersonate Adobe Drive, Adobe Acrobat, and DocuSign, trick users into granting OAuth permissions. Once approved, hackers gain access to:
- Full profile details
- User IDs and email addresses
- Microsoft 365 authentication tokens
David Larkin, a cybersecurity analyst said:
This is a stealthy and highly targeted attack. Victims think they're using legitimate apps, but instead, they’re handing over access to cybercriminals.
The attack primarily targeted businesses in government, healthcare, supply chain, and retail across the U.S. and Europe. Many victims were tricked by phishing emails that appeared to come from charities and small businesses with compromised Office 365 accounts.
Once a user authorizes the fake OAuth app, they are redirected to phishing sites that steal their Microsoft 365 login details or push malware payloads. Jenna Wang, a cybersecurity expert at Proofpoint revealed:
Within seconds of authorization, attackers were logging into accounts from remote locations.
Hackers hijack Microsoft 365, don’t let them track you! Stay invisible and secure your data with ExpressVPN.
Other News At VPNRanks
Stay Informed with VPNRanks
Hey, wait! Stay informed on the latest privacy updates, cybersecurity insights, and internet freedom news by following VPNRanks news daily! As your primary resource for critical updates in online security, we ensure you’re always in the know. Make VPNRanks your go-to guide for safeguarding your digital life!
