OAuth applications to deploy VMs for cryptomining

Type

Campaign

Actors

🌩️Storm-1283

Pub. date

December 12, 2023

Initial access

End-user compromise

Impact

Resource hijacking

Observed techniques

OAuth app creationOAuth app hijack

References

https://www.microsoft.com/en-us/security/blog/2023/12/12/threat-actors-misuse-oauth-applications-to-automate-financially-driven-attacks/

Status

Stub

Last edited

Aug 14, 2024 7:53 AM