October 23, 2025
Severity
High
Analysis Summary
Security researchers uncovered critical flaws in Microsoft’s Azure ecosystem that allowed attackers to create deceptive applications mimicking trusted Microsoft services like the Azure Portal, Teams, or Power BI. These malicious apps bypassed Microsoft’s safeguard for reserved names by exploiting invisible Unicode characters, such as the Combining Grapheme Joiner (U+034F). By inserting these characters into app names like “Az͏u͏r͏e͏ ͏P͏o͏r͏t͏a͏l,” cybercriminals could generate apps nearly indistinguishable from legitimate ones in consent screens. Over 260 Unicode characters, including those in the U+FE00–U+FE0F range, were tested and found effective. The lack of verification badges on many legitimate Microsoft apps further enabled attackers to mislead users and mask malicious intent.
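The bypass described above works because a combining or format character renders as nothing while making the string differ byte-for-byte from the reserved name. A defender reviewing app registrations can catch this by canonicalising display names before comparing them. The following is an added example (not code from the original advisory or from Microsoft): it strips Unicode characters in the combining-mark and format categories, which is where U+034F and the U+FE00–U+FE0F variation selectors fall, and compares the result against a short, constructed list of reserved names.

```python
import unicodedata

# Constructed list of display names worth protecting; the real reserved-name
# list belongs to Microsoft and is not reproduced here.
RESERVED_NAMES = {"azure portal", "microsoft teams", "power bi"}

# General categories that render as nothing on their own:
#   Mn / Me = nonspacing and enclosing combining marks (U+034F and U+FE00-U+FE0F are Mn)
#   Cf      = format characters such as zero-width space (U+200B)
INVISIBLE_CATEGORIES = {"Mn", "Me", "Cf"}


def strip_invisible(name: str) -> str:
    """Return the name with every combining mark and format character removed."""
    # NFKD splits precomposed letters (e.g. e-acute) into base + mark so the
    # mark can be dropped the same way as an injected U+034F.
    decomposed = unicodedata.normalize("NFKD", name)
    return "".join(
        ch for ch in decomposed
        if unicodedata.category(ch) not in INVISIBLE_CATEGORIES
    )


def invisible_code_points(name: str) -> list:
    """List the invisible code points present, e.g. ['U+034F'], for the audit trail."""
    return [
        f"U+{ord(ch):04X}" for ch in name
        if unicodedata.category(ch) in INVISIBLE_CATEGORIES
    ]


def classify_app_name(name: str) -> str:
    """Classify a registration's display name for consent-review triage.

    spoofed_reserved_name : collapses to a reserved name only after invisibles are removed
    reserved_name         : literally a reserved name (should be blocked by the platform)
    hidden_characters     : contains invisible code points but matches nothing reserved
    ok                    : nothing suspicious found by this check
    """
    canonical = " ".join(strip_invisible(name).casefold().split())
    hidden = invisible_code_points(name)
    if canonical in RESERVED_NAMES:
        return "spoofed_reserved_name" if hidden else "reserved_name"
    if hidden:
        return "hidden_characters"
    return "ok"


if __name__ == "__main__":
    # Constructed sample: "Azure Portal" with U+034F after every character, as in the advisory.
    spoofed = "\u034f".join("Azure Portal") + "\u034f"
    print(classify_app_name(spoofed), invisible_code_points(spoofed)[:3])
```

The check only covers characters that are invisible; it does not catch look-alike letters from other scripts (a Cyrillic "а" in place of a Latin "a"), so in practice it belongs alongside a confusables check and the publisher-verification review described later in this advisory.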
These spoofed Azure applications leveraged delegated and application permissions to gain access to Microsoft 365 environments. Delegated permissions allowed the apps to act on behalf of users accessing emails, files, and other resources while application permissions provided broader, independent system access. When misused, these access methods became powerful tools for initial access, persistent footholds, and even privilege escalation within enterprise cloud environments. Attackers capitalized on how Azure applications rely on user consent to obtain tokens, often without requiring passwords, making the manipulation of trust a core part of the attack strategy.
Phishing played a central role in exploiting these vulnerabilities. The researcher highlighted two main tactics: illicit consent grant phishing and device code phishing. In the first method, users were tricked via phishing emails into approving a malicious app through a fake file link, giving attackers direct access tokens. In device code phishing, attackers generated codes for malicious apps and convinced victims to enter them on official-looking sites; meanwhile, attackers polled for the resulting session token. Because many users assumed apps with Microsoft icons or branding were legitimate and frequently ignored “unverified publisher” warnings, these methods proved highly effective.
The researcher promptly reported the vulnerabilities to Microsoft, which patched the Unicode bypass in April 2025 and expanded protections in October 2025. No customer-side patches are needed, as fixes were applied automatically across tenants. However, experts stress that organizations must stay proactive: regularly review app consent logs, enforce least-privilege access policies, and train employees to recognize phishing red flags. This incident underscores the importance of layered security in cloud environments: technical controls alone are not enough if user trust can be manipulated through subtle visual deception.
Impact
- Gain Access
Remediation
- Enforce strict app consent policies by disabling automatic user consent and requiring admin approval for third-party or unverified applications.
- Monitor and audit Azure AD/Entra ID app consents regularly, removing suspicious, unused, or overly privileged applications.
- Apply the principle of least privilege by granting only necessary permissions to users and apps, and avoid using application-level permissions unless essential.
- Enable verified publisher requirements and educate users to avoid consenting to apps labeled as “unverified.”
- Strengthen phishing awareness by training users to recognize illicit consent and device code phishing techniques, and double-check app names and URLs mimicking Microsoft services.
- Implement Conditional Access policies such as enforcing multi-factor authentication (MFA) for consent processes and blocking requests from unknown devices or IP addresses.
- Continuously monitor for unusual OAuth token usage or suspicious API activity, and set alerts for high-risk actions like new app registrations or consent grants.
- Conduct regular security assessments, including OAuth-focused audits, penetration testing, and simulated phishing exercises to evaluate and improve organizational resilience.
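The remediation items above call for regular review of consent grants and alerts on high-risk ones. As an added example (not code from the original advisory and not a Microsoft API), the block below triages a handful of constructed consent events, shaped loosely like the fields an Entra ID audit export carries, and scores each one on the signals the advisory names: an unverified publisher, application (app-only) rather than delegated permissions, high-risk scopes such as mailbox or directory write access, and non-ASCII characters in the display name. The scope list and event records are assumptions for illustration.

```python
# Constructed set of scopes a reviewer would treat as high-risk; tune per tenant.
HIGH_RISK_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Files.ReadWrite.All",
    "Directory.ReadWrite.All", "offline_access",
}

# Constructed consent events (not real log data). Field names are assumptions,
# chosen to resemble an audit export: app display name, publisher verification,
# consent type, granted scopes, and the consenting account.
SAMPLE_CONSENT_EVENTS = [
    {"app": "Contoso Expense Tracker", "publisher_verified": True,
     "consent_type": "delegated", "scopes": ["User.Read"],
     "actor": "alice@contoso.example"},
    {"app": "Az\u034fure Portal", "publisher_verified": False,
     "consent_type": "delegated",
     "scopes": ["Mail.Read", "Files.Read.All", "offline_access"],
     "actor": "bob@contoso.example"},
    {"app": "Reporting Sync", "publisher_verified": False,
     "consent_type": "application", "scopes": ["Directory.ReadWrite.All"],
     "actor": "admin@contoso.example"},
    {"app": "Survey Tool", "publisher_verified": False,
     "consent_type": "delegated", "scopes": ["User.Read"],
     "actor": "carol@contoso.example"},
]


def triage_consent(event: dict) -> tuple:
    """Return (severity, reasons) for one consent-grant event."""
    reasons = []
    if not event["publisher_verified"]:
        reasons.append("unverified publisher")
    if event["consent_type"] == "application":
        # App-only permissions act without a signed-in user, the broader access
        # the advisory warns about.
        reasons.append("application (app-only) permissions granted")
    risky = sorted(set(event["scopes"]) & HIGH_RISK_SCOPES)
    if risky:
        reasons.append("high-risk scopes: " + ", ".join(risky))
    if any(not ch.isascii() for ch in event["app"]):
        # Cheap tripwire for the invisible-character trick; a full check would
        # normalise the name and compare it against reserved names.
        reasons.append("non-ASCII characters in app display name")
    if len(reasons) >= 2:
        severity = "high"
    elif reasons:
        severity = "medium"
    else:
        severity = "low"
    return severity, reasons


def triage_all(events: list) -> list:
    """Return (app, actor, severity, reasons) for every event that raised at least one flag."""
    results = []
    for event in events:
        severity, reasons = triage_consent(event)
        if reasons:
            results.append((event["app"], event["actor"], severity, reasons))
    return results


if __name__ == "__main__":
    for app, actor, severity, reasons in triage_all(SAMPLE_CONSENT_EVENTS):
        print(f"[{severity.upper()}] {actor} consented to {app!r}: {'; '.join(reasons)}")
```

Anything scored high is a candidate for immediate revocation of the grant and a review of the sign-in and token activity for the consenting account; medium findings fit a periodic consent review rather than a page-out alert.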