A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains.
The technique was developed by researchers at Datadog Security Labs, who warned in a report earlier this week that Copilot Studio's flexibility introduces new, undocumented phishing risks.
Although CoPhish relies on social engineering, Microsoft has confirmed to BleepingComputer that it plans on fixing the underlying causes in a future update.
"We've investigated this report and are taking action to address it through future product updates," a Microsoft spokesperson told BleepingComputer.
"While this technique relies on social engineering, we remain committed to hardening our governance and consent experiences and are evaluating additional safeguards to help organizations prevent misuse."
Copilot agents and OAuth phishing
Copilot Studio agents are chatbots hosted on copilotstudio.microsoft.com that users can create and customize through "topics," which are workflows that automate specific tasks.
Agents can be shared on Microsoft's domain by enabling the "demo website" feature. Because the URL is a legitimate one, it is easier for a user to fall for the trick and log in.
The Login topic, which authenticates the user when starting a conversation with the chatbot, can be configured for specific actions, like requesting a verification code or redirecting to another location or service.
Customizable sign-in topic in malicious agent
... continue reading