Device code phishing attacks surge 37x as new kits spread online
Summary
Phishing attacks leveraging the OAuth 2.0 Device Authorization Grant flow have increased dramatically by over 37 times this year. These attacks are facilitated by readily available phishing kits spreading online, enabling malicious actors to hijack user accounts.
IFF Assessment
FOE
This represents bad news for defenders as a new, highly effective attack vector is rapidly proliferating, making it easier for attackers to compromise user accounts.
Defender Context
Defenders need to be aware of the surge in device code phishing and educate users on its indicators, such as unexpected requests for device authorization codes. Implementing multi-factor authentication and monitoring for unusual authorization requests can help mitigate these attacks.