Microsoft details an AI-enabled device code phishing campaign against organizational accounts
Original: Inside an AI-enabled device code phishing campaign
On April 6, 2026, Microsoft Defender Security Research disclosed a widespread phishing campaign that abuses the OAuth device code authentication flow to compromise organizational accounts at scale. Microsoft says the campaign stands out from earlier device code attacks because it uses AI-driven infrastructure and automation end to end, which raises the odds that a victim completes the flow before the short-lived code expires.
In the Microsoft description, the attack begins with reconnaissance and convincing lures such as document access, e-signing, or voicemail prompts. When a target clicks, a malicious page generates a live device code in real time, redirects the victim to the legitimate microsoft.com/devicelogin page, and sometimes copies the code to the victim’s clipboard to reduce friction. Once the user completes the flow, the attacker receives a live access token without stealing the password directly, because the legitimate device code flow has been misused.
- Dynamic device code generation starts the 15-minute window only after the victim clicks.
- Short-lived backend nodes on services such as Railway.com help the campaign scale and avoid simple pattern detection.
- Microsoft links the activity to the rise of EvilTokens, a phishing-as-a-service toolkit tied to device code abuse.
The research matters because it shows how attackers are layering automation on top of trusted cloud workflows rather than simply cloning log-in pages. The phishing page, token polling infrastructure, clipboard tricks, and post-authentication actions work together as a coordinated system. That raises the bar for defenders, since blocking a malicious domain alone is no longer enough when the final sign-in happens on a real Microsoft URL.
Microsoft’s mitigation guidance is practical: block device code flow wherever possible, restrict it with Conditional Access where it is needed, train users to verify what application they are authorizing, and revoke refresh tokens quickly when abuse is suspected. For enterprises, the report is a reminder that identity workflows built for convenience can become high-value attack surfaces once automation makes them scalable.
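Two of the defensive steps above (restricting the flow with Conditional Access and spotting abuse quickly enough to revoke tokens) can be illustrated in code. The following is an added example, not code from Microsoft or from the report; it assumes the Microsoft Entra sign-in log schema in which each record carries an `authenticationProtocol` field whose value is `deviceCode` for device code sign-ins, and the Graph API `conditionalAccessPolicy` body with an `authenticationFlows.transferMethods` condition. The sign-in records are constructed samples.

```python
"""Review device code flow sign-ins and build a Conditional Access block policy.

Added example; not Microsoft's code. Assumes the Entra sign-in log schema
(``authenticationProtocol`` == ``deviceCode`` for device code sign-ins) and the
Graph conditionalAccessPolicy ``authenticationFlows.transferMethods`` condition.
All records below are constructed samples, not real telemetry.
"""
from collections import defaultdict
from datetime import datetime

# Constructed sample sign-in records shaped like Entra ID sign-in log entries.
SAMPLE_SIGNINS = [
    {"userPrincipalName": "alice@example.com", "createdDateTime": "2026-04-06T09:00:00Z",
     "authenticationProtocol": "authorizationCode", "ipAddress": "203.0.113.10",
     "location": {"countryOrRegion": "US"}, "status": {"errorCode": 0}},
    {"userPrincipalName": "alice@example.com", "createdDateTime": "2026-04-06T09:12:00Z",
     "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.7",
     "location": {"countryOrRegion": "NL"}, "status": {"errorCode": 0}},
    {"userPrincipalName": "bob@example.com", "createdDateTime": "2026-04-06T08:00:00Z",
     "authenticationProtocol": "authorizationCode", "ipAddress": "203.0.113.22",
     "location": {"countryOrRegion": "US"}, "status": {"errorCode": 0}},
    {"userPrincipalName": "bob@example.com", "createdDateTime": "2026-04-06T08:30:00Z",
     "authenticationProtocol": "deviceCode", "ipAddress": "203.0.113.22",
     "location": {"countryOrRegion": "US"}, "status": {"errorCode": 0}},
    {"userPrincipalName": "bob@example.com", "createdDateTime": "2026-04-06T10:00:00Z",
     "authenticationProtocol": "deviceCode", "ipAddress": "203.0.113.22",
     "location": {"countryOrRegion": "US"}, "status": {"errorCode": 0}},
    {"userPrincipalName": "carol@example.com", "createdDateTime": "2026-04-06T11:00:00Z",
     "authenticationProtocol": "deviceCode", "ipAddress": "192.0.2.55",
     "location": {"countryOrRegion": "GB"}, "status": {"errorCode": 50126}},
]


def _ts(record):
    return datetime.strptime(record["createdDateTime"], "%Y-%m-%dT%H:%M:%SZ")


def _succeeded(record):
    return record.get("status", {}).get("errorCode", 0) == 0


def baseline_countries(records):
    """Countries each user signed in from successfully via non-device-code flows."""
    seen = defaultdict(set)
    for r in records:
        if _succeeded(r) and r.get("authenticationProtocol") != "deviceCode":
            seen[r["userPrincipalName"]].add(r["location"]["countryOrRegion"])
    return seen


def flag_device_code_signins(records):
    """Return successful device code sign-ins that warrant review, oldest first.

    A sign-in is flagged when it is the user's first device code sign-in in the
    data set, or when its country is absent from the user's non-device-code
    baseline. Each hit lists its reasons so an analyst can triage and decide
    whether to revoke the user's refresh tokens.
    """
    baseline = baseline_countries(records)
    prior_device_code = defaultdict(int)
    flagged = []
    for r in sorted(records, key=_ts):
        if r.get("authenticationProtocol") != "deviceCode" or not _succeeded(r):
            continue
        upn = r["userPrincipalName"]
        country = r["location"]["countryOrRegion"]
        reasons = []
        if prior_device_code[upn] == 0:
            reasons.append("first device code sign-in for user")
        if country not in baseline.get(upn, set()):
            reasons.append(f"country {country} not in user's baseline")
        prior_device_code[upn] += 1
        if reasons:
            flagged.append({"user": upn, "time": r["createdDateTime"],
                            "ip": r["ipAddress"], "reasons": reasons})
    return flagged


def block_device_code_policy(display_name="Block device code flow"):
    """Graph API conditionalAccessPolicy body that blocks the device code flow
    tenant-wide (assumed schema; narrow the user scope to exempt break-glass
    accounts and any workloads that genuinely need the flow)."""
    return {
        "displayName": display_name,
        "state": "enabled",
        "conditions": {
            "users": {"includeUsers": ["All"]},
            "applications": {"includeApplications": ["All"]},
            "authenticationFlows": {"transferMethods": "deviceCodeFlow"},
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    }


if __name__ == "__main__":
    for hit in flag_device_code_signins(SAMPLE_SIGNINS):
        print(hit["time"], hit["user"], hit["ip"], "; ".join(hit["reasons"]))
```

Run against the samples, the script flags bob's first device code sign-in and alice's device code sign-in from a country outside her baseline, while bob's later device code sign-in from his usual country and carol's failed attempt are left alone. In a real tenant the baseline should come from weeks of history rather than the same batch, and the policy body is meant to be posted to the Conditional Access policies endpoint in report-only state first so that legitimate device code users (CLI tools, headless devices) surface before enforcement.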