Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts

Microsoft Office Add-In “AgreeTo” Hijacked to Steal 4,000 Microsoft Account Credentials in Sophisticated Phishing Attack

In a shocking cybersecurity breach that has sent ripples through the tech community, researchers have uncovered a sophisticated phishing campaign that hijacked a legitimate Microsoft Outlook add-in to steal over 4,000 Microsoft account credentials. The incident, dubbed “AgreeToSteal” by security researchers at Koi Security, marks what appears to be the first known case of a malicious add-in hosted directly on Microsoft’s official Marketplace.

The Innocent Beginning: A Legitimate Meeting Scheduling Tool

The compromised add-in, known as “AgreeTo,” began its life as a seemingly helpful tool for Outlook users. Developed by an independent publisher and launched on the Microsoft Office Add-in Store in December 2022, AgreeTo was designed to streamline meeting scheduling for busy professionals. The add-in functioned by loading content from a Vercel-hosted URL (outlook-one.vercel.app) directly into Microsoft Outlook, providing users with an integrated scheduling interface.

However, the developer eventually abandoned the project, leaving behind an orphaned URL and a user base that continued to rely on the tool. This abandonment would prove to be the critical vulnerability that threat actors would later exploit.

The Hijacking: How Threat Actors Took Control

What makes this attack particularly insidious is how threat actors claimed the orphaned URL and transformed the legitimate add-in into a sophisticated phishing kit. Unlike traditional malware that requires users to download suspicious files, this attack leveraged the trust users place in official Microsoft add-ins.

Once installed, the malicious AgreeTo add-in would replace the expected scheduling interface with a convincing fake Microsoft sign-in page that appeared directly in Outlook’s sidebar. This page was meticulously crafted to mirror legitimate Microsoft authentication prompts, making it extremely difficult for users to distinguish between real and fake login screens.

The attack’s sophistication extended beyond just the visual deception. The threat actors implemented a complete phishing infrastructure including:

  • A realistic Microsoft login page
  • Password collection mechanisms
  • Data exfiltration scripts
  • Redirection to legitimate Microsoft pages to reduce suspicion

The Scale of the Breach: 4,000+ Compromised Accounts

Koi Security researchers, who discovered the compromise, gained access to the attacker’s exfiltration channel and uncovered the full extent of the damage. The data revealed that over 4,000 Microsoft account credentials had been stolen, along with sensitive financial information including credit card numbers and banking security answers.

What makes this particularly alarming is that the threat actors were actively testing the stolen credentials even as researchers were investigating the breach. This suggests the attackers were not only collecting data but actively attempting to monetize their ill-gotten gains in real-time.

Microsoft’s Security Process: A Critical Weakness Exposed

The AgreeTo incident has exposed a significant vulnerability in Microsoft’s add-in security process. Once an add-in is approved and listed in the Microsoft store, there is no ongoing verification process. The initial review focuses solely on the manifest file, which is then signed and approved by Microsoft.

This means that even after abandonment by the original developer, the add-in remained in the store with full functionality, continuing to load resources from the developer’s server. When the threat actor took control of the orphaned URL, they essentially inherited a trusted distribution channel together with a base of legitimate users who already had the add-in installed.

The add-in retained its ReadWriteItem permissions, which would have allowed it to read and modify user emails, though researchers confirmed no such activity occurred in this particular attack.
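The weakness described above (a one-time manifest review, an add-in that keeps loading whatever its external URL serves, and a ReadWriteItem grant) is something an organization can audit for itself before sideloading or approving an add-in. The following is an added example, not code from Koi Security, BleepingComputer or Microsoft: it parses an Office add-in XML manifest, pulls out every external URL and the declared permission level, and flags hosts that sit on a platform-assigned subdomain (vercel.app is the pattern the article names; the other suffixes in the list are assumptions added as the same kind of hosting) or that no longer resolve. The sample manifest is constructed for the demonstration, with placeholder id, name and URL, and is not the real AgreeTo manifest.

```python
import socket
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample manifest, not AgreeTo's real one: it follows the shape of the
# public Office add-in XML manifest, with a placeholder id, name and URL.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="UTF-8"?>
<OfficeApp xmlns="http://schemas.microsoft.com/office/appforoffice/1.1"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:type="MailApp">
  <Id>00000000-0000-0000-0000-000000000000</Id>
  <Version>1.0.0.0</Version>
  <ProviderName>Example Publisher</ProviderName>
  <DefaultLocale>en-US</DefaultLocale>
  <DisplayName DefaultValue="Example Scheduler"/>
  <Description DefaultValue="Constructed sample for manifest auditing"/>
  <Hosts><Host Name="Mailbox"/></Hosts>
  <FormSettings>
    <Form xsi:type="ItemRead">
      <DesktopSettings>
        <SourceLocation DefaultValue="https://example-scheduler.vercel.app/index.html"/>
        <RequestedHeight>250</RequestedHeight>
      </DesktopSettings>
    </Form>
  </FormSettings>
  <Permissions>ReadWriteItem</Permissions>
</OfficeApp>
"""

# Hosting platforms that hand out per-project subdomains a later registrant can claim
# once the original project is gone. vercel.app is the case from the article; the
# others are assumptions added here as examples of the same hosting pattern.
PLATFORM_SUFFIXES = ("vercel.app", "netlify.app", "github.io", "herokuapp.com")

# Outlook add-in permission levels that let the loaded page touch mailbox content.
HIGH_IMPACT_PERMISSIONS = {"ReadWriteItem", "ReadWriteMailbox"}


def extract_urls(manifest_xml: str) -> list:
    """Every http(s) URL found in any attribute of the manifest (SourceLocation,
    bt:Url entries, icon URLs, ...), in document order, without duplicates."""
    urls = []
    for element in ET.fromstring(manifest_xml).iter():
        for value in element.attrib.values():
            if value.startswith(("https://", "http://")) and value not in urls:
                urls.append(value)
    return urls


def extract_permissions(manifest_xml: str) -> set:
    """Text of every <Permissions> element, ignoring the XML namespace prefix."""
    return {
        element.text.strip()
        for element in ET.fromstring(manifest_xml).iter()
        if element.tag.rsplit("}", 1)[-1] == "Permissions" and element.text
    }


def is_platform_subdomain(host: str) -> bool:
    """True when the host is a subdomain of one of the platform suffixes."""
    return any(host == s or host.endswith("." + s) for s in PLATFORM_SUFFIXES)


def dns_resolves(host: str) -> bool:
    """Live DNS check; only used when the caller passes it in as the resolver."""
    try:
        socket.getaddrinfo(host, 443)
        return True
    except socket.gaierror:
        return False


def audit_manifest(manifest_xml: str, resolver=None) -> dict:
    """Summarize where the add-in loads code from and what it may do.

    resolver is an optional callable host -> bool; leaving it None skips DNS so the
    audit runs offline and only reports what the manifest itself says."""
    findings = []
    urls = extract_urls(manifest_xml)
    hosts = sorted({urlparse(u).hostname for u in urls if urlparse(u).hostname})
    for host in hosts:
        if is_platform_subdomain(host):
            # The code the add-in runs is whatever this subdomain serves today.
            findings.append(("platform-hosted", host))
        if resolver is not None and not resolver(host):
            findings.append(("unresolved", host))
    for url in urls:
        if url.startswith("http://"):
            findings.append(("plaintext-http", url))
    permissions = extract_permissions(manifest_xml)
    for permission in sorted(permissions & HIGH_IMPACT_PERMISSIONS):
        findings.append(("high-impact-permission", permission))
    return {"hosts": hosts, "permissions": sorted(permissions), "findings": findings}


if __name__ == "__main__":
    report = audit_manifest(SAMPLE_MANIFEST, resolver=dns_resolves)
    print("hosts:", ", ".join(report["hosts"]))
    print("permissions:", ", ".join(report["permissions"]))
    for kind, detail in report["findings"]:
        print(f"  [{kind}] {detail}")
```

Run against a real manifest exported from the admin center, the audit answers the two questions this incident turns on: is the add-in's entire behaviour decided by a host the publisher can silently lose, and how much mailbox access would a hijacked host inherit? A "platform-hosted" host with ReadWriteItem is exactly the AgreeTo shape. The DNS check is deliberately injectable so the audit can run in an air-gapped review step and the live lookup added only where network access is allowed.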

A New Frontier in Phishing Attacks

While malicious add-ins are not entirely new to the cybersecurity landscape, they have typically been distributed through spam forum comments, phishing emails, and malvertising campaigns. The AgreeTo case represents a significant evolution in attack methodology – it’s likely the first instance of a malicious add-in being hosted directly on Microsoft’s official Marketplace.

Koi Security researcher Oren Yomtov emphasized the unprecedented nature of this discovery, noting that this represents both the first malware found on the official Microsoft Marketplace and the first malicious Outlook add-in detected in the wild.

The Broader Threat Landscape

Further investigation by Koi Security revealed that the operators behind this attack run at least a dozen additional phishing kits targeting various sectors including internet service providers, banks, and webmail providers. This suggests the AgreeTo attack is part of a larger, sophisticated cybercrime operation with significant resources and technical capabilities.

The attack methodology demonstrates a deep understanding of how modern software ecosystems work, exploiting the trust relationships between users, developers, and platform providers. By hijacking an abandoned but trusted add-in, the attackers bypassed many of the traditional security measures that users rely on to identify malicious software.

Immediate Actions and Recommendations

For users who may have installed the AgreeTo add-in, immediate action is critical. Koi Security and Microsoft both recommend:

  1. Immediate Removal: Uninstall the AgreeTo add-in from Outlook without delay
  2. Password Reset: Change passwords for any Microsoft accounts that may have been exposed
  3. Monitor Accounts: Watch for suspicious activity on Microsoft accounts and associated financial services
  4. Enable Multi-Factor Authentication: Add an extra layer of security to prevent unauthorized access even if credentials are compromised

Microsoft has since removed the malicious add-in from its store, but the incident raises serious questions about the long-term security of the add-in ecosystem and the need for ongoing monitoring of approved applications.

The Future of Add-in Security

The AgreeTo incident serves as a wake-up call for both platform providers and users. For Microsoft and other software companies, it highlights the need for continuous monitoring of approved add-ins, even after initial security reviews. The current model of one-time approval with no ongoing verification creates opportunities for exactly this type of attack.

For users, it underscores the importance of being vigilant about the software they install, even when it comes from official sources. The fact that a malicious add-in could operate undetected for an extended period while stealing thousands of credentials demonstrates that even trusted platforms can be compromised.

Industry Response and Ongoing Investigation

BleepingComputer has reached out to Microsoft for comment on Koi researchers’ findings, though no official response has been provided at the time of publication. The cybersecurity community is closely watching how Microsoft responds to this incident and whether it will lead to changes in their add-in approval and monitoring processes.

The AgreeTo attack represents a significant milestone in the evolution of phishing and credential theft techniques. By exploiting the trust inherent in official software marketplaces and the complexities of modern software ecosystems, threat actors have demonstrated their ability to bypass traditional security measures in increasingly sophisticated ways.

As organizations and individuals continue to rely on third-party add-ins and extensions to enhance their productivity tools, the security of these ecosystems becomes increasingly critical. The AgreeTo incident serves as a stark reminder that in the digital age, trust must be continuously earned and verified, not simply granted based on official status or initial approval.

The coming months will likely see increased scrutiny of add-in security practices across all major software platforms, as well as potentially new security measures designed to prevent similar attacks in the future. For now, users are advised to remain vigilant and treat even officially sanctioned software with appropriate caution.


Tags: Microsoft, Outlook, phishing, cybersecurity, data breach, credential theft, add-in, security vulnerability, cybercrime, Koi Security, Microsoft Store, Vercel, supply chain attack, malicious software, account compromise, password security, multi-factor authentication
