Cybersecurity Alert: Malicious Outlook Add-In Compromises Over 4,000 Microsoft Accounts
In a significant cybersecurity development, researchers have identified the first known malicious Microsoft Outlook add-in actively exploiting users. This sophisticated supply chain attack, dubbed AgreeToSteal by Koi Security, has resulted in the theft of over 4,000 Microsoft credentials.
The Exploited Add-In: AgreeTo
The focal point of this attack is the Outlook add-in named AgreeTo. Originally designed to integrate various calendars and facilitate availability sharing via email, AgreeTo was last updated in December 2022. Following its abandonment, cybercriminals seized the opportunity to hijack its associated domain, transforming it into a conduit for malicious activities.
Mechanism of the Attack
Office add-ins like AgreeTo operate by referencing a manifest file that specifies a URL. This URL fetches content in real-time from the developer’s server, displaying it within Outlook. In this instance, the manifest pointed to a Vercel-hosted URL (outlook-one.vercel[.]app). After the original developer’s Vercel deployment was deleted, this URL became available for claim. An attacker exploited this by hosting a phishing kit on the reclaimed URL, presenting a counterfeit Microsoft login page to unsuspecting users.
When users entered their credentials into this fake login page, the information was captured and transmitted via the Telegram Bot API. Subsequently, victims were redirected to the legitimate Microsoft login page, minimizing suspicion and detection.
Potential for Greater Harm
The implications of this attack could have been even more severe. The AgreeTo add-in was configured with ReadWriteItem permissions, granting it the ability to read and modify users’ emails. This level of access could have enabled attackers to deploy JavaScript code capable of covertly extracting the contents of victims’ mailboxes, leading to extensive data breaches.
Broader Context: Supply Chain Vulnerabilities
This incident underscores a growing trend in supply chain attacks, where trusted distribution channels are exploited post-approval. Similar tactics have been observed in browser extensions, npm packages, and Integrated Development Environment (IDE) plugins. The unique risk with Office add-ins lies in their integration within Outlook, a platform where users manage sensitive communications. These add-ins can request permissions to read and modify emails and are distributed through Microsoft’s official store, which inherently carries a level of trust.
The AgreeTo case highlights a critical gap: the original developer acted appropriately by creating a legitimate product and eventually moving on. The attack exploited the period between the developer’s abandonment of the project and the platform’s recognition of this status change. This scenario is a stark reminder that any marketplace hosting remote dynamic dependencies is susceptible to such vulnerabilities.
Recommendations for Mitigation
To address these security challenges, Koi Security recommends several proactive measures:
1. Continuous Monitoring: Implement mechanisms to detect when an add-in’s URL serves content different from what was initially approved, triggering a re-review process.
2. Domain Ownership Verification: Ensure that the domains associated with add-ins are managed by the original developers. Flag add-ins where domain ownership has changed hands.
3. Regular Audits: Establish protocols to delist or flag add-ins that have not been updated within a specified timeframe, reducing the risk of abandoned projects being exploited.
4. Transparency in Usage: Display installation counts and user feedback to assess the impact and trustworthiness of add-ins.
Microsoft’s Role and Response
While Microsoft conducts an initial review of add-in manifests during the submission phase, there is currently no ongoing monitoring of the content served by the developer’s server each time the add-in is accessed. This lack of continuous oversight opens the door to potential security risks, as demonstrated by the AgreeToSteal incident.
Microsoft has been made aware of this vulnerability, and the cybersecurity community awaits their response and the implementation of enhanced security measures to prevent similar attacks in the future.
Conclusion
The discovery of the AgreeToSteal attack serves as a critical reminder of the evolving nature of cyber threats and the importance of vigilant monitoring of software supply chains. As attackers continue to find innovative ways to exploit trusted platforms, it is imperative for developers, platform providers, and users to collaborate in strengthening security protocols and maintaining a proactive stance against potential vulnerabilities.
