Cybersecurity researchers have identified the first known malicious Microsoft Outlook add-in in active use, marking a significant development in supply chain attacks. According to Koi Security, an attacker exploited a domain linked to a previously legitimate but abandoned add-in to deploy a fake Microsoft login page, successfully harvesting over 4,000 user credentials through this deceptive tactic.
This incident highlights the growing threat of supply chain compromises that target widely used software like Outlook, and it underscores the need for enhanced security measures and user vigilance against such sophisticated credential theft schemes.
Key Takeaways
- First malicious Outlook add-in discovered in the wild
- Supply chain attack involving a hijacked domain from an abandoned legitimate add-in
- Over 4,000 Microsoft credentials stolen via a fake login page
- Highlights risks in software ecosystems and credential security
Threat Actors
Unknown attacker
Source: The Hacker News
