Threat actors are using legitimate Microsoft feature to compromise M365 accounts
Threat actors are exploiting Microsoft Device Code Authentication to trick targets into granting them access to their M365 accounts.
“It appears that these Russian threat actors have made a concerted effort to launch several campaigns against organizations with a goal of simultaneously abusing this method before the targets catch on and implement countermeasures.” The attackers usually impersonate US, Ukrainian, and EU government officials or researchers at prominent institutions, and reach out to the targets via social media or messaging apps such as Signal. Microsoft has also spotted them sending additional phishing messages containing links for Device Code Authentication from the compromised account to other users in the target organization.