Automatically translated.View original post

Beware of hackers using the OAuTH system to make phishing.

Malwarebytes warns. Beware of hackers using OAuTH to do phishing, tricking the release of malware.

OAuTH or Open Authorization may be a protocol that makes it easy to use applications that need to access data on the machine without any password, just choose whether to approve or disapprove, but this system that seems to be secure has been used by hackers.

According to a report by the official website of anti-malware developer Malwarebyte, a research team from Microsoft has detected hackers using OAuTh in combination with deception, causing victims to be deceived, phishing, or malware-addicted, by using Silent OAuth to help change the target of visiting websites (Redirect), bringing victims into infrastructure-linked websites that are unaware of the above crimes. Hackers do not have to steal tokens. The use of the victim is in any way. The procedure of the practice consists of multiple elements. This

First, a hacker sends a fraudulent email to the victim, saying that it comes from a government agency, social security, a tax agency, or a company that has a fraudulent link with a fraudster to open a document such as "View Document" or "Review Report," or a PDF file with a link inside it.

This is the link mentioned in the first verse, which usually makes a link for logging in to Google or Microsoft services. It usually starts a link similar to the common login of the two services, such as https: / / login [.] microsoftonline [.] com / or https: / / accounts [.] google [.] com /. At this point, there is no sign that the parameter (Parameter) like prompt = none, odd or empty scope, encoded state being put in is wrong.

Yet, in the URL parameters, there is a combination of Silent OAuth (prompt = none) with special parameters that will cause such procedures to fail (invalid or missing scope). At this point, the OAuth provider will have to recheck the session, including the Conditional Access condition, and the system will predict that the OAuth will not be silent as requested and then send back the OAuth error notification, such as interaction _ required, access _ tolerance, or consent _ required.

At this point, after sending the error back, by the design of this mechanism, the system will change the target of visiting a website on the web browser to the URI that the application associated with OAuth has registered, along with the state and error parameter. In this case, it will take the victim to the hacker's fraudulent domain. But from the user's point of view, it will be like switching a visit page from Google or Microsoft to a new page without seeing the error string.

The landing page that the victim is brought to is a website that actually mimics the login page or the website of a famous business brand. At this point, the victim can find two patterns.

The first is a Phishing scam page or an Attacker in the Middle or AitM page that comes with a login page that looks nothing wrong. Some pages also come with a Captcha authentication system for realism. If the victim enters a password with a Multi-Factors Authentication or MFA, the AitM tool captures information including information in the Session Cookies.

A malware download page with both automatic download and lure the victim to download it with buttons on the page, such as "Download the secure document" or "Meeting resources," etc.

As a result of such a form of deception, hackers behind it have a code to use the victim's accounts or may come in the form of a backdoor malware embedding. Therefore, for security purposes, users must avoid clicking any links before clicking. Make sure to check every time. If you click and find anything wrong, immediately close the tab or web browser, as well as regularly update the operating system, web browser, and cybersecurity tools to help protect the other layer.

# Trending # Lemon 8 Howtoo # lemon 8 diary # oauth # freedomhack

3/23 Edited to

... Read moreจากประสบการณ์ส่วนตัว การโจมตีแบบ Phishing ที่ใช้ประโยชน์จากระบบ OAuth เริ่มมีความซับซ้อนและหลอกลวงมากขึ้น เมื่อก่อนเราอาจจะรู้จักการติดกับดักผ่านอีเมลที่มีลิงก์ปลอมทั่วไป แต่ตอนนี้กลุ่มแฮกเกอร์ใช้เทคนิค Silent OAuth เพื่อหลอกให้เราคิดว่ากำลังล็อกอินผ่านเว็บไซต์ Google หรือ Microsoft จริงๆ โดยในเบื้องหลัง การเปลี่ยนเส้นทางลิงก์จะพาไปยังเว็บที่เหมือนกับของจริงอย่างมาก เช่น หน้าโหลดเอกสารหรือลงชื่อเข้าใช้ทั้งที่เป็นการขโมยข้อมูลเข้าสู่ระบบแทน ในบางครั้งหน้าเว็บปลอมจะติด CAPTCHA เพื่อความน่าเชื่อถือ ผู้ใช้งานจึงไม่สงสัยและกรอกข้อมูลการล็อกอินรวมถึงรหัสยืนยันตัวตนหลายชั้น (MFA) ซึ่งถือเป็นการเปิดประตูให้แฮกเกอร์เข้าถึงข้อมูลอย่างลึกซึ้งมากขึ้น สิ่งที่เรียนรู้คือ เราควรใส่ใจตรวจสอบ URL ให้ละเอียด การเห็น URL เริ่มต้นเหมือนที่คุ้นเคยไม่ได้หมายความว่าสามารถวางใจได้เสมอ ต้องตรวจสอบพารามิเตอร์แปลกๆ และถ้าเห็นข้อความเตือนหรือข้อผิดพลาดเกี่ยวกับ OAuth ที่ไม่เคยเจอมาก่อน ควรหยุดใช้งานเว็บไซต์นั้นทันที นอกจากนี้ การอัปเดตระบบระบบปฏิบัติการและโปรแกรมป้องกันไวรัสอย่างสม่ำเสมอ ช่วยป้องกันมัลแวร์และลดช่องโหว่ของระบบได้เป็นอย่างดี จากความเห็นส่วนตัว การตระหนักถึงภัยคุกคามและเพิ่มความระมัดระวังเวลาเปิดลิงก์หรือโหลดไฟล์จากอีเมลที่มาจากแหล่งที่ไม่ชัดเจน เป็นสิ่งสำคัญอันดับแรกที่ช่วยลดความเสี่ยงได้มากที่สุด ขอแนะนำให้ตั้งค่าการใช้ MFA และใช้โปรแกรมจัดการรหัสผ่านเพื่อเพิ่มความปลอดภัยในการล็อกอิน นอกจากนี้การตรวจสอบสิทธิ์เข้าถึงแอปภายนอกที่เชื่อมต่อกับบัญชี Google หรือ Microsoft ของเราอย่างสม่ำเสมอ ก็ช่วยลดความเสี่ยงที่ถูกโจมตีผ่านระบบ OAuth ได้อีกขั้นหนึ่ง

Related posts

scammers and hackers beware
Hudson
cercofhell

cercofhell

27 likes

SIEGEX is all CHEATERS & HACKERS😭
Why is this game full of cheaters and hackers and bugs🤷‍♀️ #siege #rainbowsixsiege #gaming #streamer #foryou
Phasma

Phasma

40 likes

#yungblud
watch4hackers

watch4hackers

8 likes

I urge you to go Google this. These Hackers starte
Hollywood

Hollywood

0 likes

A laptop with a cloudy sky wallpaper and a white cup with a red logo. Text overlay reads: 'Free Websites That Saved My GPA AND MY SANITY Sharing So You Don't Struggle Too'.
A laptop screen displays Yahoo search results for 'Quizlet'. An overlay describes Quizlet as a free flashcard tool for memorizing terms, definitions, and formulas, making studying feel like a game.
A laptop screen displays Yahoo search results for 'Unriddle.ai'. An overlay describes Unriddle.ai as a free tool that breaks down notes, articles, or assignments to aid understanding of long readings.
Websites You NEED to Pass Your College Courses
Y’all college is hard enough without trying to figure everything out on your own 😩 So here’s my list of websites that actually helped me pass my classes like, these were in my survival kit. I’m not gatekeeping 🫶🏽 Quizlet When I needed to memorize terms FAST. I used it for flashcards, and the matc
Beauty

Beauty

288 likes

A message to Minecraft hackers…
You should join the server #minecraft #gaming #fyp
BendersMC

BendersMC

13 likes

Hackers are using tricks & steal financial info.🌸🍋
SECURITY TIPS: Be careful from hackers they use multiple different types of software and tricks to steal data from computers, cell phones or other devices to steal your data, financial information and personal details. When they hack via computer systems Showing they are from Microsoft Security Ale
Mujahid Bakht

Mujahid Bakht

6 likes

The image shows a keyboard with a fingerprint icon, overlaid with "OUTSMART HACKERS" and "Secrets they don't want you to know," serving as the title for a guide on cybersecurity.
This image explains hackers use software to guess passwords and advises creating long passwords with a random mix of letters, numbers, and symbols to defend against such attacks.
The image warns that hackers try common passwords and advises users to defend themselves by avoiding easy words/phrases and not reusing passwords across different sites.
SECRETS Hackers DON’T Want You to Know!
After hackers got into my Facebook account and completely erased it, I dusted myself off and started a deep dive to understand why and how hackers work. The best way to protect yourself is to outsmart them. Here are 5 secrets Hackers DON'T want you to know! Share this with everyone! #lemon8pa
techgirljen

techgirljen

425 likes

I wanted a real project I could actually show, not just talk about. So I used Atoms ⚛️ Check it out here: https://tinyurl.com/3xzc8xbe It feels like having a whole AI team helping me: 🔍 they do the deep research first 🏁 then Race Mode builds different versions so I can compare 👥 I just pick
emilie.studygram

emilie.studygram

20 likes

Hackers
How call of duty has me #call of duty #hacker #warzone
Stevie_Wonders

Stevie_Wonders

1 like

Bigfoot Super Hackers.
#manthoughts #hackers #laughoutloud #bigfootvlog #lifetips
Alien Hayes

Alien Hayes

13 likes

If you have the Samsung, you need to watch this and update your phone immediately 
Cybersecurity Girl

Cybersecurity Girl

49 likes

Taco Tuesday 🤯 Admin Abuse ⁉️ #stealabrainrot #robloxstealabrainrot #roblox #neoskittles
NeoSkittles

NeoSkittles

6 likes

Stop panicking over your peace sign selfies! You've probably seen the viral videos claiming that hackers in China are stealing fingerprints from photos. I didn't talk about this earlier because I didn't want to cause unnecessary fear. Here's the truth: Yes, extracting fingerprints from high-res
Cybersecurity Girl

Cybersecurity Girl

1 like

PSA PSA PSA ‼️ #fyp #hackers #facebook #scammers #viral
Kay’s House ✨

Kay’s House ✨

2 likes

Urgent warning for 1.8Billion Gmail users. Follow CybersecurityGirl for more cyber tips and scam alerts Thanks @Nick Jackson for talking about this. #gmail
Cybersecurity Girl

Cybersecurity Girl

15 likes

A rumor has been going around that Iranian hackers threatened to hack the U.S. credit system and boost everyone’s credit score. #fyp
iddy2707

iddy2707

2 likes

⚠️ The Hidden Dangers of Public Wi-Fi Free Wi-Fi feels convenient, but it can be a trap. Hackers can create what’s called an “evil twin” network—a fake hotspot that looks legitimate. The moment you connect, they can access your data, passwords, banking info, and private messages. Listen
Dannah Eve

Dannah Eve

82 likes

1. Ransomware: Pay up or lose everything. Hackers lock your files and demand payment. Hospitals. Schools. Small businesses. No one is safe. The average payout? Over $2 million. And paying doesn’t guarantee you get your data back. 2. AI-Powered Attacks: The threat just got smarter. Phishing
Abby❤️💎

Abby❤️💎

0 likes

A list titled 'Top Cybersecurity GitHub Projects' created by Dan Nanni, updated 2026/1. It displays 25 GitHub projects with their star counts, repository names, and brief descriptions, covering tools for hacking, pentesting, reverse engineering, proxies, and security scanning.
Top cybersecurity-related GitHub projects
My top GitHub list for cybersecurity projects is updated for this month 😎👆 Explore top-ranked FOSS projects spanning both the defensive and offensive sides of cybersecurity. Find a high-res pdf book with all my cybersecurity related infographics from https://study-notes.org #cybersecurity
Learn Linux with Dan

Learn Linux with Dan

41 likes

🚨 16 Billion passwords leaked - the largest breach ever 🚨 Here is how it happened and what you can do to be safe. #news #databreach #cybersecuritytips #onlinesafety
Cybersecurity Girl

Cybersecurity Girl

130 likes

King Trump
GrouchyGrandpaChannel

GrouchyGrandpaChannel

3 likes

Just An FYI This Is How So Many People are Getting Hacked!!! Plz Don’t Fall For Message Like These!!! it’s A Fake Account!!! #fakeaccount #hackers
MaryBell

MaryBell

2 likes

Amen thanks Father God Jesus Christ God evening word and prayer devil's I rebuke you your childrens Morehouse parish sheriff department officers and Mike Stone Tubbs and hackers and Elon Musk and Donald Trump and Mark Zuckerberg and Randy Tappin and Christopher Thirdkill and IT and their countr
glentrump359

glentrump359

0 likes

These Hackers on Marvel Rivals getting crazy!
#marvelrivals #twitchtv #followme #Hackers #marvelfunny
MisFit Miracles

MisFit Miracles

2 likes

Most small businesses believe they’re too small to be hacked… but that’s not how cyber risk works. In today’s connected world, your business doesn’t stand alone. You rely on vendors, payroll systems, cloud platforms, CRMs, IT providers, to run your operations. But here’s the truth many people ov
Abby❤️💎

Abby❤️💎

0 likes

HACKERS IN THE BETA
Blackops 7 has hackers already…. #hacker #blackops7 #bo7
Goofstha

Goofstha

1 like

Blue jackets hockey is on the riseeeeeeee
peyton

peyton

1 like

The image shows a phone screen displaying a 'Creating...' message with text claiming entities are 'hackers, trackers and child predators.' It includes a person surrounded by swirling energy and mentions Lilith, Satan, and Ra as parasitic beings.
The image displays a list of AI prompt suggestions, including 'Make me best friends with the Grim Reaper drinking boba tea,' which is circled. Below, text questions why befriending the Grim Reaper (Satan) is acceptable.
The image features a person with swirling energy and text stating, 'Can't create videos of prominent figures. Try something else instead.' It questions when Satan, Lilith, and Ra became prominent figures, describing them as disembodied beings preying on teens.
YouTube made Satan/Lilith/Ra (Demon Spirits) Prominent Figures #teen YouTube
I claim my protected emotional, mental, emotional, and digital space. All energetic loosh and currency stays with me, not those who prey upon it. *"I do not give, offer, or forfeit my crown to the dark forces who oppose me."* Those who steal will, with crafted weaved intentions div
Energy Frequency & Magic

Energy Frequency & Magic

0 likes

BIG Holiday Costco Shop & Haul | Anchorage, Alaska
vanditsv

vanditsv

2 likes

I'm finna to go filing some more federal complaints on y'all right now Look world on TikTok right now removing my freedom of speech constitutional rights and sound on my legal paperwork and complaints Look world on Lemon8 app right now removing my legal paperwork complaints and freedom of
glentrump359

glentrump359

1 like

A smartphone displays a message asking God to unblock it due to hackers. A patterned pad and colorful items are in the hazy background. The image includes Lemon8 branding and a username.
God, please unblock this android, hackers have in
Olga Ledbetter

Olga Ledbetter

37 likes

🛡️ The GIS-R10 Controller — Enterprise-Level Power
🚀 The perfect hotspot solution for internet speeds of 400 Mbps! Designed for medium to large hospitality businesses like hotels, resorts, campgrounds, RV parks, marinas, and more, the GIS-R10 makes it easy to provide WiFi access as a complimentary service or a paid option. 🏨🌴🚐⚓ ✨ Why business
Guest Internet

Guest Internet

0 likes

Look world I just made this new Facebook account a minute ago Morehouse parish sheriff department officers and Mike Stone Tubbs and hackers and Elon Musk and Donald Trump and Mark Zuckerberg just locked and suspended it cause I'm sharing my legal paperwork and federal complaints I'm filling
glentrump359

glentrump359

0 likes

WARZONE HACKERS
Warzone is full hackers and call of duty does not care #warzone #hacker #memesdaily #memes🤣 #gaming
DUSTINMYRQ ™

DUSTINMYRQ ™

5 likes

SEPT WRAP UP PT 1.
september had me in a CHOKEHOLD y'all 😮‍💨 i read so much i have to break this into TWO PARTS 😂😂 • 47 books read (don't play with me •) • 19 new authors • multiple favorites that little binge had me blowing right past my 200 book goal, so you know i had to bump it up to 250 from messy d
LEXI 💓

LEXI 💓

33 likes

You shouldn’t be worried about the hackers, you should be worried about your settings. Check out ThreatLocker DAC today #ad #cybersecurity
Cybersecurity Girl

Cybersecurity Girl

25 likes

A monitor displays the Martin AI assistant dashboard with sections for to-dos, reminders, calendar, and chat, set on a desk with a keyboard and plant, illustrating the phrase "Say what you need, it gets it done."
The Martin AI assistant dashboard is shown, featuring to-dos, reminders, calendar, inbox, and a chat interface for sending schedules, emphasizing its ability to use voice commands for tasks like texting and setting reminders.
The Martin AI assistant dashboard displays to-dos, reminders, calendar, and an inbox with emails, highlighting its function to remember and track information across various platforms without repetition.
Your to-do list just got a personal manager
You know when you have too many tabs open in your brain? This app is like closing all of them... at once. Martin is your Al assistant that actually works like a real one. Need to text someone, forward notes, set reminders, or manage your day? Just tell Martin. It connects with your inbox,
Reverelia

Reverelia

366 likes

warzone hackers be mad little babies
#cod #ps5 #gamergirl #warzone #fuckhackers
Twilightvile

Twilightvile

2 likes

A list titled 'Top Cybersecurity GitHub Projects' created by Dan Nanni at study-notes.org, updated 2025/9. It features various GitHub repositories with their star counts and brief descriptions, covering cybersecurity resources, hacking tools, reverse engineering, and pentesting.
Top cybersecurity-related GitHub projects
GitHub is home to many open-source cybersecurity projects, providing security professionals with a rich toolkit for research, defense, and response Here are a list of the most popular #github repositories related to cybersecurity 😎👆 #infosec #informationsecurity #pentest Find a high-
Learn Linux with Dan

Learn Linux with Dan

29 likes

See more