
New CoPhish attack steals OAuth tokens via Copilot Studio agents

High
Published: Sat Oct 25 2025 (10/25/2025, 20:29:51 UTC)
Source: Reddit InfoSec News

Description

A new phishing campaign named CoPhish targets users of Copilot Studio agents to steal OAuth tokens, enabling attackers to hijack user sessions and access sensitive resources. This attack leverages social engineering to trick users into authorizing malicious OAuth applications or interacting with compromised Copilot Studio agents. The stolen tokens can grant attackers unauthorized access to cloud services and enterprise applications without needing user credentials. The campaign is recent and considered high severity due to the potential for widespread token theft and session hijacking. No known exploits in the wild have been reported yet, but the threat is credible given the trusted source and recent discovery. European organizations using Copilot Studio or similar OAuth-based integrations are at risk, especially those heavily reliant on cloud services. Mitigation requires targeted user awareness, strict OAuth app permission reviews, and enhanced monitoring of token usage. Countries with significant cloud adoption and technology sectors, such as Germany, the UK, France, and the Netherlands, are likely more exposed. The attack does not require system vulnerabilities but exploits user trust and OAuth token handling, making it relatively easy to execute. The suggested severity is high due to the impact on confidentiality and integrity without requiring credential theft or complex exploits.

AI-Powered Analysis

AILast updated: 10/25/2025, 20:41:36 UTC

Technical Analysis

The CoPhish campaign is a newly identified phishing attack that targets users of Copilot Studio agents in order to steal OAuth tokens. OAuth tokens grant delegated access to cloud services and applications without exposing the user's password. In this attack, threat actors use social engineering to get users to authorize a malicious OAuth application or to interact with an attacker-controlled Copilot Studio agent, after which the tokens issued by that authorization are exfiltrated. With those tokens an attacker can impersonate the user, read sensitive data and perform unauthorized actions inside cloud environments and enterprise applications. The attack abuses the trust model inherent in OAuth consent together with the trust users place in Copilot Studio, which is Microsoft's low-code platform for building custom AI agents and chatbots (it is not a coding assistant). Because delegated OAuth tokens often carry broad scopes, and a consent that includes offline_access yields a refresh token that outlives the browser session, their theft can lead to significant data breaches and long-lived unauthorized access. Although no public exploitation in the wild has been observed, the high severity rating reflects the potential impact and the ease of execution. The attack does not rely on a software vulnerability but on phishing and misuse of legitimately issued tokens, so there is nothing to patch; defence requires user training, application consent and permission management, and monitoring for anomalous token use. The campaign was reported via a trusted cybersecurity news source and had minimal discussion on Reddit at the time of analysis, indicating a very recent threat with limited public awareness. Organizations using Copilot Studio or similar OAuth-integrated tools should be vigilant and implement proactive defenses.

Potential Impact

For European organizations, the CoPhish attack poses a significant risk to the confidentiality and integrity of cloud-based resources and enterprise applications. Stolen OAuth tokens can allow attackers to bypass traditional authentication mechanisms, leading to unauthorized data access, data exfiltration, and potential manipulation of critical business processes. This can result in financial losses, regulatory penalties (especially under GDPR), reputational damage, and operational disruptions. Organizations heavily reliant on cloud services and automation tools like Copilot Studio are particularly vulnerable. The attack's reliance on social engineering means that even well-secured environments can be compromised if users are not adequately trained. Additionally, the persistence and scope of OAuth tokens mean that attackers can maintain long-term access if tokens are not promptly revoked. The lack of known exploits in the wild suggests an opportunity for European organizations to strengthen defenses before widespread attacks occur. However, the high severity rating underscores the urgency of addressing this threat proactively.

Mitigation Recommendations

1. Conduct targeted user awareness training on phishing that arrives as an OAuth authorization (consent) prompt or as a Copilot Studio agent asking the user to sign in.
2. Review existing OAuth application consents and restrict user consent: require admin consent (or an admin consent workflow) for applications requesting anything beyond low-risk scopes, and limit granted scopes to the minimum necessary.
3. Enforce multi-factor authentication (MFA) for all cloud service access. Note that MFA protects the sign-in, not a token issued after consent; a stolen access or refresh token is replayed without triggering MFA, so MFA must be combined with the consent restrictions above and with short token lifetimes.
4. Monitor OAuth token usage for anomalies such as unusual IP addresses, sign-in times or resource access to detect token misuse early.
5. Regularly audit and revoke consent grants and refresh tokens that are no longer needed or show suspicious activity; revoking a user's sign-in sessions invalidates outstanding refresh tokens, while already-issued access tokens remain valid until they expire.
6. Limit the Copilot Studio agents and third-party applications users may interact with to trusted, vetted ones.
7. Employ conditional access policies that consider device compliance and user risk level before granting access.
8. Use the cloud provider's own security features, such as token revocation and risk-based anomaly detection.
9. Maintain incident response plans that cover OAuth token compromise: revoke the consent grant, revoke the user's sessions, and review what the token was used to access.
10. Stay informed about updates from Copilot Studio and related tools for security patches or advisories.
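An added example of how steps 2, 4 and 5 can be applied to Microsoft Entra data; it is not code from the article, from BleepingComputer or from the CoPhish researchers. It triages consent grants in the shape returned by Microsoft Graph's /oauth2PermissionGrants endpoint (risky scopes, unverified publisher, end-user rather than admin consent) and then flags sign-ins through a flagged client that come from an IP address not previously seen for the user. Every record, id and baseline below is constructed, and the RISKY_SCOPES list and scoring rules are this example's own assumptions rather than a vendor standard.

```python
"""Triage Entra consent grants and token use after a consent-phishing report.

Added example for this page, not code from the article or the researchers. The
records are constructed but use the field names of Microsoft Graph's
/oauth2PermissionGrants and /auditLogs/signIns responses (service principals are
simplified). RISKY_SCOPES and the scoring rules are this example's assumptions.
"""

# Delegated scopes that let a stolen token read or act on mail, files and directory
# data, or keep working after the session ends (offline_access yields a refresh token).
RISKY_SCOPES = {
    "offline_access", "Mail.Read", "Mail.ReadWrite", "Mail.Send",
    "Files.Read.All", "Files.ReadWrite.All", "Directory.Read.All",
    "Directory.AccessAsUser.All", "User.Read.All",
}

# Constructed service principals (clientId -> summary). "verifiedPublisher" is a
# boolean here; Graph returns an object carrying verifiedPublisherId.
SERVICE_PRINCIPALS = {
    "sp-1111": {"displayName": "Contoso Expense App", "verifiedPublisher": True},
    "sp-2222": {"displayName": "Copilot Agent Login", "verifiedPublisher": False},
    "sp-3333": {"displayName": "Survey Helper", "verifiedPublisher": False},
}

# Constructed grants. consentType "AllPrincipals" = admin consent for the tenant,
# "Principal" = one user consented (principalId identifies that user).
GRANTS = [
    {"id": "g1", "clientId": "sp-1111", "consentType": "AllPrincipals", "principalId": None,
     "scope": "openid profile User.Read"},
    {"id": "g2", "clientId": "sp-2222", "consentType": "Principal", "principalId": "user-alice",
     "scope": "openid profile offline_access Mail.ReadWrite Files.ReadWrite.All"},
    {"id": "g3", "clientId": "sp-1111", "consentType": "Principal", "principalId": "user-bob",
     "scope": "User.Read"},
    {"id": "g4", "clientId": "sp-3333", "consentType": "AllPrincipals", "principalId": None,
     "scope": "User.Read"},
]

# Constructed sign-ins; appId reuses the clientId values above for brevity (real data
# carries the application's appId GUID, which you map to its service principal).
SIGN_INS = [
    {"userId": "user-alice", "appId": "sp-2222", "ipAddress": "203.0.113.7",
     "createdDateTime": "2025-10-25T18:02:11Z"},
    {"userId": "user-alice", "appId": "sp-1111", "ipAddress": "198.51.100.10",
     "createdDateTime": "2025-10-25T18:05:40Z"},
    {"userId": "user-bob", "appId": "sp-1111", "ipAddress": "198.51.100.11",
     "createdDateTime": "2025-10-25T18:07:03Z"},
]

# Constructed baseline of the IPs each user normally signs in from.
KNOWN_IPS = {"user-alice": {"198.51.100.10"}, "user-bob": {"198.51.100.11"}}


def triage_grants(grants, service_principals):
    """Return grants worth a human look, highest score first.

    A grant is flagged when it carries a risky scope or its client has no verified
    publisher; end-user (rather than admin) consent raises the score further.
    """
    findings = []
    for g in grants:
        sp = service_principals.get(g["clientId"], {})
        risky = sorted(set(g["scope"].split()) & RISKY_SCOPES)
        unverified = not sp.get("verifiedPublisher", False)
        if not risky and not unverified:
            continue
        user_consent = g["consentType"] == "Principal"
        reasons = []
        if risky:
            reasons.append("risky delegated scopes: " + ", ".join(risky))
        if unverified:
            reasons.append("client publisher not verified")
        if user_consent:
            reasons.append("granted by end-user consent")
        findings.append({
            "grantId": g["id"],
            "clientId": g["clientId"],
            "client": sp.get("displayName", "<unknown service principal>"),
            "principalId": g["principalId"],
            "riskyScopes": risky,
            "reasons": reasons,
            "score": len(risky) + (2 if unverified else 0) + (1 if user_consent else 0),
        })
    findings.sort(key=lambda f: f["score"], reverse=True)
    return findings


def suspicious_token_use(sign_ins, known_ips, flagged_clients):
    """Sign-ins through a flagged client from an IP never seen for that user."""
    return [
        {"userId": s["userId"], "appId": s["appId"], "ipAddress": s["ipAddress"],
         "when": s["createdDateTime"]}
        for s in sign_ins
        if s["appId"] in flagged_clients
        and s["ipAddress"] not in known_ips.get(s["userId"], set())
    ]


if __name__ == "__main__":
    findings = triage_grants(GRANTS, SERVICE_PRINCIPALS)
    for f in findings:
        print(f"[{f['score']}] grant {f['grantId']} -> {f['client']}: " + "; ".join(f["reasons"]))
    flagged = {f["clientId"] for f in findings}
    for hit in suspicious_token_use(SIGN_INS, KNOWN_IPS, flagged):
        print("token use to review:", hit)
```

Against a real tenant the same logic runs over the output of GET https://graph.microsoft.com/v1.0/oauth2PermissionGrants and /servicePrincipals, with the sign-in baseline built from /auditLogs/signIns. Remediation for a confirmed finding is DELETE /oauth2PermissionGrants/{id} to remove the consent and POST /users/{id}/revokeSignInSessions to invalidate the user's refresh tokens; access tokens already issued stay usable until they expire, which is why short token lifetimes matter.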


Technical Details

Source Type
reddit
Subreddit
InfoSecNews
Reddit Score
1
Discussion Level
minimal
Content Source
reddit_link_post
Domain
bleepingcomputer.com
Newsworthiness Assessment
{"score":52.1,"reasons":["external_link","trusted_domain","established_author","very_recent"],"isNewsworthy":true,"foundNewsworthy":[],"foundNonNewsworthy":[]}
Has External Source
true
Trusted Domain
true

Threat ID: 68fd35f5bfa5fb493c427170

Added to database: 10/25/2025, 8:41:25 PM

Last enriched: 10/25/2025, 8:41:36 PM

Last updated: 10/28/2025, 2:05:30 AM

Views: 106
