Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

A

Admin User

Administrator of InfoSecCenter. Passionate about cybersecurity, information security, and technology.

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access
Save

Security researchers have identified a sophisticated new attack vector where threat actors are exploiting Microsoft's Entra passkey enrollment process through voice-based phishing tactics. This emerging threat highlights the evolving landscape of social engineering attacks and demonstrates how adversaries continuously adapt to new security technologies by targeting the human element.

According to reports from security analysts at Okta, who are tracking this threat actor under the designation O-UNC-066, attackers are targeting organizations across multiple sectors. The campaign involves deceptive voice calls impersonating security personnel, prompting Microsoft 365 users to enroll a new Entra passkey through what appears to be a legitimate security procedure. Victims are being manipulated into completing a passkey enrollment process that actually grants attackers persistent access to their Microsoft 365 accounts and associated data.

The attack leverages a panel-controlled phishing kit specifically designed to mimic the Microsoft Entra passkey enrollment interface. Once successfully enrolled, the fraudulent passkey provides attackers with persistent access capabilities, bypassing traditional multi-factor authentication protections. The primary objective appears to be establishing unauthorized access for subsequent data extortion activities, potentially including data theft,

Share

Shares: 0
LinkedIn WhatsApp Pinterest Print

You might also like

Comments (0)

Leave a Comment

No comments yet. Be the first to comment!