PROBABLYPWNED
Threat Intelligence · May 3, 2026 · 4 min read

ConsentFix v3 Automates OAuth Phishing Against Azure Tenants

The new ConsentFix v3 attack automates authorization-code theft against Microsoft Azure tenants using Pipedream webhooks and Cloudflare-hosted phishing pages. Because it abuses pre-consented first-party apps, victims see no consent prompt, and because they complete a genuine MFA-satisfied Microsoft sign-in, MFA alone does not stop it.

Alex Kowalski

A new variant of OAuth phishing called ConsentFix v3 is circulating on hacker forums with automation designed to scale attacks against Microsoft Azure environments. Push Security researchers identified the technique, which combines tenant reconnaissance, Cloudflare-hosted phishing pages, and Pipedream serverless automation to harvest tokens in real time.

This evolution arrives as OAuth token abuse has surged 146%, with security firms now detecting nearly 40,000 incidents daily. ConsentFix v3 represents the weaponization of that trend—packaging OAuth exploitation into an automated, scalable attack kit.

How ConsentFix v3 Works

The attack abuses the OAuth 2.0 authorization code flow through first-party Microsoft applications, such as the Azure CLI, that are public clients pre-consented in every Microsoft Entra ID (Azure AD) tenant. Because consent for these apps is granted by Microsoft rather than by the tenant, victims never see the permission prompt a third-party app would trigger, so nothing in the flow looks unusual to them.

The attack chain proceeds through five phases:

Reconnaissance: Attackers verify Azure presence via tenant ID validation and gather employee data including names, roles, and email addresses from public sources.

Infrastructure setup: Operators create accounts across Outlook, Tutanota, Cloudflare, DocSend, Hunter.io, and Pipedream to support the campaign.

Phishing deployment: Cloudflare-hosted pages mimic Microsoft login interfaces. Malicious links get embedded in PDFs distributed through DocSend to bypass email spam filters.

Automation layer: The phishing page sends the victim into a genuine Microsoft login for the targeted first-party app. These apps register http://localhost as their redirect URI, so once the login (including any MFA prompt) completes, Microsoft redirects the browser to a localhost URL carrying the authorization code in its query string; with no local listener the page fails to load, but the URL itself is the prize. The phishing page captures that URL and posts it to a Pipedream webhook, and the backend immediately redeems the code at Microsoft's token endpoint for an access token and a refresh token.

Post-exploitation: Harvested tokens get imported into tools like Specter Portal for accessing compromised resources, enabling lateral movement across connected SaaS applications.

Evolution from Earlier Versions

Push Security first documented ConsentFix in December 2025 as a ClickFix-style lure applied to OAuth phishing. The original technique walked victims through a legitimate Microsoft login for the Azure CLI app, then instructed them to copy the resulting localhost URL, which carries the authorization code, back to the attacker.

ConsentFix v2, developed by researcher John Hammond, refined the approach by replacing manual copy/paste with drag-and-drop of the localhost URL, making the phishing flow smoother.

The v3 variant removes every victim step after the initial login: no copying, no drag-and-drop. The code is exchanged automatically the moment it is captured, which matters because authorization codes are short-lived and single-use, and it shrinks the window in which a victim might notice that something is wrong.

Why MFA Doesn't Help

MFA is not defeated here; it is satisfied. The victim authenticates on Microsoft's real login infrastructure and completes a genuine MFA challenge, so the authorization code that comes out the other side is fully valid. Authorization codes are short-lived and single-use, which is why the attacker's automation redeems the code within seconds, before it expires and before any legitimate client could. Even phishing-resistant MFA such as FIDO2 keys does not change the outcome, because the legitimate login really does succeed; the problem is where the resulting grant is delivered, not how the user proved their identity.

This mirrors the device code phishing campaigns that have compromised 340+ Microsoft 365 organizations since February 2026. In both techniques the user authenticates legitimately; what is hijacked is the delivery of the resulting grant to the client, the gap between authenticating a user and authorizing an application.

Current Threat Status

Push Security notes that while ConsentFix attacks appear in actual campaigns, it remains unclear whether the v3 variant has gained significant traction among cybercriminals yet. The technique is documented on hacking forums, but confirmed mass deployment hasn't been observed.

The combination of Cloudflare hosting, Pipedream automation, and DocSend PDF distribution makes attribution and takedown challenging. Each component is a legitimate service frequently used for lawful purposes.

Defensive Measures

Organizations can reduce exposure through several approaches:

Apply token binding: Use Conditional Access token protection to bind sign-in session tokens to the device that obtained them, so a refresh token redeemed from attacker infrastructure is rejected. Coverage is currently limited to specific client apps and platforms, so verify which of the tokens in play are actually protected rather than assuming they all are.

Implement behavioral detection: Alert on an interactive, MFA-satisfied sign-in to a first-party public client followed within minutes by non-interactive token redemption or refresh for the same user and app from a different IP, ASN or country, and more generally on unusual consent patterns or token usage from unexpected locations.

Restrict first-party app usage: While challenging given Microsoft's pre-consent model, monitoring which first-party apps access sensitive resources can identify abuse.

Leverage FOCI research: Under Microsoft's Family of Client IDs (FOCI), a refresh token issued to one family member (for example the Azure CLI) can be redeemed for access tokens scoped to other family members, such as the Office and Teams clients. Understanding which apps share that privilege tells you what a single stolen token actually unlocks.

The fundamental challenge is architectural: first-party Microsoft applications are pre-trusted by design, creating an attack surface that's difficult to restrict without breaking legitimate functionality.
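The behavioral signal described above can be checked mechanically. What follows is an added example, written for this page rather than taken from Push Security or the article: a small Python detector that reads sign-in records and flags a non-interactive sign-in that follows an MFA-satisfied interactive sign-in for the same user and first-party app within a short window but comes from a different network. The log records are constructed for the example (field names loosely follow Entra ID sign-in logs but are not real telemetry), the watch list and the 30-minute window are assumptions to tune, and the Azure CLI app ID is the publicly documented one.

```python
"""
Added detection sketch for the post-authentication phase of a ConsentFix-style
attack: the victim completes a real, MFA-satisfied interactive sign-in to a
first-party public client, but the authorization code is redeemed, and the
refresh token then used, from attacker infrastructure. In sign-in telemetry
that looks like an interactive sign-in from the user's network followed within
minutes by non-interactive sign-ins for the same user and app from elsewhere.
"""
import json
from datetime import datetime, timedelta, timezone

# Assumed watch list of first-party public clients that redirect to localhost.
# The Azure CLI app ID is the publicly documented one; which apps to include
# and how wide the window is are tuning choices for the example.
WATCHED_PUBLIC_CLIENTS = {
    "04b07795-8ddb-461a-bbee-02f9e1bf7b46": "Microsoft Azure CLI",
}
WINDOW = timedelta(minutes=30)

# Constructed sample telemetry (not real log data). One JSON record per line.
SAMPLE_LOGS = """
{"createdDateTime": "2026-05-01T09:00:00Z", "userPrincipalName": "alice@example.com", "appId": "04b07795-8ddb-461a-bbee-02f9e1bf7b46", "isInteractive": true, "ipAddress": "203.0.113.10", "country": "NL", "mfaSatisfied": true}
{"createdDateTime": "2026-05-01T09:00:42Z", "userPrincipalName": "alice@example.com", "appId": "04b07795-8ddb-461a-bbee-02f9e1bf7b46", "isInteractive": false, "ipAddress": "198.51.100.77", "country": "US", "mfaSatisfied": true}
{"createdDateTime": "2026-05-01T09:06:10Z", "userPrincipalName": "alice@example.com", "appId": "04b07795-8ddb-461a-bbee-02f9e1bf7b46", "isInteractive": false, "ipAddress": "198.51.100.77", "country": "US", "mfaSatisfied": true}
{"createdDateTime": "2026-05-01T10:00:00Z", "userPrincipalName": "bob@example.com", "appId": "04b07795-8ddb-461a-bbee-02f9e1bf7b46", "isInteractive": true, "ipAddress": "203.0.113.20", "country": "NL", "mfaSatisfied": true}
{"createdDateTime": "2026-05-01T10:02:00Z", "userPrincipalName": "bob@example.com", "appId": "04b07795-8ddb-461a-bbee-02f9e1bf7b46", "isInteractive": false, "ipAddress": "203.0.113.20", "country": "NL", "mfaSatisfied": true}
{"createdDateTime": "2026-05-01T11:00:00Z", "userPrincipalName": "carol@example.com", "appId": "00000000-0000-0000-0000-000000000001", "isInteractive": false, "ipAddress": "198.51.100.5", "country": "US", "mfaSatisfied": false}
"""


def parse_logs(text: str) -> list:
    """Parse newline-delimited JSON sign-in records and return them sorted by time."""
    events = []
    for line in text.strip().splitlines():
        rec = json.loads(line)
        rec["ts"] = datetime.strptime(
            rec["createdDateTime"], "%Y-%m-%dT%H:%M:%SZ"
        ).replace(tzinfo=timezone.utc)
        events.append(rec)
    return sorted(events, key=lambda r: r["ts"])


def detect_token_replay(events: list, window: timedelta = WINDOW) -> list:
    """Flag non-interactive sign-ins to a watched first-party app that follow an
    interactive sign-in for the same (user, app) within `window` but originate
    from a different IP or country than the login itself."""
    last_interactive = {}  # (user, appId) -> most recent interactive sign-in
    alerts = []
    for ev in events:
        app_id = ev["appId"]
        if app_id not in WATCHED_PUBLIC_CLIENTS:
            continue
        key = (ev["userPrincipalName"], app_id)
        if ev["isInteractive"]:
            # Remember where the user actually logged in (and passed MFA).
            last_interactive[key] = ev
            continue
        origin = last_interactive.get(key)
        if origin is None or ev["ts"] - origin["ts"] > window:
            continue  # no recent interactive login to compare against
        if ev["ipAddress"] == origin["ipAddress"] and ev["country"] == origin["country"]:
            continue  # token used from the same network as the login: expected
        alerts.append({
            "user": ev["userPrincipalName"],
            "app": WATCHED_PUBLIC_CLIENTS[app_id],
            "authenticated_from": origin["ipAddress"],
            "redeemed_from": ev["ipAddress"],
            "seconds_after_login": int((ev["ts"] - origin["ts"]).total_seconds()),
        })
    return alerts


if __name__ == "__main__":
    for alert in detect_token_replay(parse_logs(SAMPLE_LOGS)):
        print(json.dumps(alert))
```

On the constructed data this raises two alerts for alice (token redeemed 42 seconds after her login, then reused six minutes later, both from a network she never signed in from) and none for bob, whose client refreshed from the same address. In production, enrich the comparison with ASN and device identity rather than raw IP so VPN and mobile handoffs do not drown the signal, and remember that Entra ID keeps interactive and non-interactive user sign-ins in separate log categories, so you will need to join them before running logic like this.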

Why This Matters

ConsentFix v3 represents identity attacks reaching automation maturity. What required manual social engineering six months ago now runs through serverless infrastructure at scale. The technique specifically targets the trust model that makes OAuth convenient—pre-consented applications that don't prompt users for explicit permission.

For defenders, this means detection must shift from blocking suspicious consent prompts to identifying anomalous token usage patterns after authentication succeeds. The attack happens entirely within legitimate Microsoft infrastructure until the final credential abuse phase.

Organizations relying on MFA as their primary identity defense should recognize that credential phishing has evolved beyond password theft. Token-based attacks do not defeat authentication; they ride on a successful one and steal the grant that comes out of it. That calls for different detection and response: token binding where it is available, prompt revocation of refresh tokens on suspicion, and scrutiny of what happens after a sign-in succeeds.
