Cloud Security, Security Architecture, Email security, Security Strategy, Plan, Budget

Azure Static Web Apps exploited for credential exfiltration

Malicious actors have launched phishing attacks exploiting Microsoft Azure's Static Web Apps service to exfiltrate Microsoft, Outlook, Office365, and OneDrive account credentials, according to BleepingComputer. Attackers have used the Azure Static Web Apps platform to create fake landing pages and login forms resembling official Microsoft pages, said MalwareHunterTeam. MalwareHunterTeam noted that the * wildcard TLS certificate enables all landing pages to obtain their own secure page padlock in the address bar, potentially deceiving even the most suspicious targets. Such detail in the landing pages also enables threat actors to target users of Yahoo, AOL, Rackspace, and other email providers. While users could identify phishing campaigns by checking the URL of the pages they visit, such advice is nearly worthless under the new phishing scheme. The new phishing campaign follows the prior use of Microsoft Azure Blob Storage's * wildcard certificate to target users of Outlook and Office 365, BleepingComputer reports.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.