PULSE NAME
Redirect-Based Malware Infection Through OAuth Abuse
WHITE cryptocti 2026-03-04 Modified: 2026-03-04
4 IOCs
LOW VOLUME
Attackers use crafted OAuth redirect URLs in phishing emails to redirect victims from legitimate Microsoft authentication flows to the attacker's servers.
Indicators of Compromise (4)
TYPE      INDICATOR                        DESCRIPTION  CREATED
domain    abv-abc3.top                                  2026-03-04
domain    calltask.im                                   2026-03-04
domain    ouviraparelhosauditivos.com.br                2026-03-04
hostname  weds101.siriusmarine-sg.com                   2026-03-04