Stealthware: The Rise of Malicious OAuth Apps in Microsoft 365

Not all attacks rely on malware—some abuse Microsoft 365’s built-in features. Stealthware - a type of Rogue Apps - is a growing threat where attackers create custom OAuth apps for persistence, data theft, and stealthy long-term access. Unlike traditional malware, these apps blend in, bypass MFA, and fly under the radar. Hackers craft these malicious OAuth applications to impersonate legitimate services, silently siphoning emails, modifying inbox rules, and maintaining persistent access. And once installed, these backdoors don’t trigger traditional security alerts. But with Huntress Managed ITDR (Identity Threat Detection & Response), now powered by Rogue Apps, we detect and dismantle these hidden threats—before attackers can exploit them.

[PH] Learn More About Phishing

[PH] Huntress delivers everything you want from a security tool, all designed with the unique needs of outsourced IT and security teams in mind.

[PH] Phishing attempts can show up as messages from your bank, your boss, your utility providers, or even the government. One click from one user can compromise an entire network and inadvertently let hackers deploy ransomware, steal information, or worse.

[PH] The median time it takes for a user to click a link and enter information is less than 60 seconds. With a turnaround time that quick, it's no wonder phishing is one of the preferred methods used by hackers. (2024 Verizon Data Breach Report)

Stealthware: The Rise of Malicious OAuth Apps in Microsoft 365

[PH] Learn More About Phishing

[PH] There's Plenty of Phish in the Sea (and Your Inbox)

[PH] Hacked In Under a Minute