New ConsentFix Attack Hijacks Microsoft Accounts via Azure CLI Without Passwords or MFA

A new 'ConsentFix' attack tricks users into granting full Microsoft account access through Azure CLI OAuth flows—no password theft or MFA bypass required.

Tags: Microsoft, Azure, OAuth, Phishing, ClickFix

Security researchers have discovered a new social engineering attack called "ConsentFix" that hijacks Microsoft accounts without stealing passwords or bypassing multi-factor authentication. The technique abuses the legitimate Azure CLI OAuth authentication flow, tricking victims into unknowingly granting attackers full access to their Microsoft and Microsoft 365 accounts.

What is ConsentFix?

ConsentFix is a sophisticated variation of "ClickFix" attacks—social engineering campaigns that trick users into running commands or completing actions on their computers, typically under the guise of fixing an error or proving they're human.

Discovered by cybersecurity firm Push Security, ConsentFix specifically targets the Azure CLI (Command Line Interface), a legitimate Microsoft tool that developers and IT administrators use to manage Azure resources. Azure CLI is a Microsoft first-party public client: it has no client secret, and it completes interactive sign-in by having the browser redirect to a loopback (localhost) address where the CLI is listening. That redirect behaviour is what the attack abuses.

What makes this attack dangerous is what it does not require:

  • Stealing the victim's password
  • Bypassing MFA verification
  • Installing malware on the victim's device
  • Compromising Microsoft's infrastructure

Instead, it exploits OAuth 2.0's authorization code flow, a legitimate authentication mechanism, to obtain tokens that grant full account access. Because the attacker builds the authorization request, they also hold whatever PKCE code verifier it carries, and because Azure CLI is a public client with no client secret, the authorization code alone is enough to redeem for tokens.

How the Attack Works

Step 1: Initial Lure

Victims encounter compromised legitimate websites that rank highly in Google search results. These aren't newly created phishing domains; they're real sites that have been compromised, which makes them harder to detect and block by reputation alone.

Step 2: Targeted Filtering

The site displays a fake Cloudflare Turnstile CAPTCHA requesting a "valid business email address." This isn't just for show: the attacker's script checks submitted addresses against a target list, filtering out security researchers, automated scanners, and non-targeted individuals. Only victims on the target list proceed to the attack phase.

Step 3: The ClickFix Prompt

Approved targets see a familiar ClickFix-style page with instructions to "verify they are human." The page instructs victims to click a "Sign in" button, complete the Microsoft login that appears, copy the resulting URL from their browser's address bar, and paste it back into the phishing page.

Step 4: OAuth Code Theft

The "Sign in" button opens a legitimate Microsoft URL, but not a standard login page. It's an Azure CLI OAuth authorization request, constructed by the attacker and served by Microsoft's real login endpoint. If the victim is already logged into their Microsoft account (which most users are), they simply select their account. If not, they authenticate normally, including any MFA prompt, on Microsoft's real infrastructure. Because Azure CLI is a pre-authorized first-party application, the flow does not ordinarily show a consent screen listing permissions.

Step 5: The Handoff

After authentication, Microsoft redirects the browser to a loopback (localhost) URL containing an OAuth authorization code, exactly as it would for a genuine Azure CLI login:

http://localhost:XXXXX/?code=0.AXXX...authorization_code...

Typically nothing is listening on that port, so the page fails to load, but the full URL, code included, remains in the address bar. When victims paste this URL into the phishing page as instructed, the attacker captures the authorization code and exchanges it at Microsoft's token endpoint for access and refresh tokens, granting full Microsoft account access. No client secret is needed for that exchange, since Azure CLI is a public client.
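The URL handling in Steps 3 to 5, as an added example in Python that is not part of the original article or of Push Security's research. It takes a constructed "Sign in" link shaped like an Azure CLI authorization request (the client_id is the well-known Azure CLI application ID; the port, state, scope and PKCE values are made up for the example) and a constructed pasted-back redirect URL, and shows what each side of the exchange contains: the request already carries a PKCE challenge whose verifier its builder keeps, and the pasted URL carries the one-time code that a public client redeems without any secret. The same parsing gives a helpdesk or IR analyst a quick way to recognise a ConsentFix lure from a reported link.

```python
from urllib.parse import urlparse, parse_qs
import base64
import hashlib
import secrets

# Well-known Microsoft first-party application ID for Azure CLI (a public client, no secret).
AZURE_CLI_APP_ID = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"
ENTRA_HOSTS = {"login.microsoftonline.com", "login.microsoft.com", "login.windows.net"}
LOOPBACK_HOSTS = {"localhost", "127.0.0.1"}


def make_pkce_pair():
    """Generate a PKCE verifier/challenge pair the way a native client (or whoever builds
    the lure) would. Whoever generates the request keeps the verifier for the token exchange."""
    verifier = base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode()
    digest = hashlib.sha256(verifier.encode()).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode()
    return verifier, challenge


def analyze_authorize_url(url):
    """Classify a 'Sign in' link. 'consentfix_like' is True when the link is a genuine Entra
    authorize endpoint for the Azure CLI app with a loopback redirect, i.e. the shape this
    attack needs (and also the shape of a real az login, hence the other findings)."""
    u = urlparse(url)
    q = {k: v[0] for k, v in parse_qs(u.query).items()}
    redirect = urlparse(q.get("redirect_uri", ""))
    findings = {
        "entra_host": u.hostname in ENTRA_HOSTS,
        "authorize_endpoint": u.path.endswith("/oauth2/v2.0/authorize") or u.path.endswith("/oauth2/authorize"),
        "azure_cli_client": q.get("client_id", "").lower() == AZURE_CLI_APP_ID,
        "loopback_redirect": redirect.hostname in LOOPBACK_HOSTS,
        "has_pkce_challenge": "code_challenge" in q,
        "scope": q.get("scope", ""),
        "state": q.get("state", ""),
    }
    findings["consentfix_like"] = (findings["entra_host"] and findings["authorize_endpoint"]
                                   and findings["azure_cli_client"] and findings["loopback_redirect"])
    return findings


def extract_code_from_pasted_url(pasted, expected_state=None):
    """What the phishing page does with the URL the victim pastes back: pull the one-time
    authorization code out of the loopback redirect. Returns None if the URL is not a
    loopback redirect carrying a code, or if the state does not match the request."""
    u = urlparse(pasted.strip())
    if u.hostname not in LOOPBACK_HOSTS:
        return None
    q = {k: v[0] for k, v in parse_qs(u.query).items()}
    if expected_state is not None and q.get("state") != expected_state:
        return None
    return q.get("code")


# Constructed sample lure shaped like an Azure CLI authorization request. Port, state, scope
# and PKCE values are invented for this example; only the client_id is the real Azure CLI ID.
_verifier, _challenge = make_pkce_pair()
SAMPLE_STATE = "e7c1a2"
SAMPLE_LURE = (
    "https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize"
    f"?client_id={AZURE_CLI_APP_ID}&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A51234"
    "&scope=openid%20profile%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2F.default"
    f"&state={SAMPLE_STATE}&code_challenge={_challenge}&code_challenge_method=S256"
)
# Constructed sample of what the victim's browser lands on after signing in (fake code value).
SAMPLE_PASTED = f"http://localhost:51234/?code=0.AXXXfakecode&state={SAMPLE_STATE}&session_state=abc"

if __name__ == "__main__":
    print(analyze_authorize_url(SAMPLE_LURE))
    print("code captured from pasted URL:", extract_code_from_pasted_url(SAMPLE_PASTED, SAMPLE_STATE))
    print("PKCE verifier held by whoever built the request:", _verifier[:8] + "...")
```

The point of the findings dict is that every individual signal is also true of a legitimate az login; what distinguishes the lure is the context (a web page, not a terminal, asking for the resulting URL), which is why the user-facing advice below is about never pasting address-bar URLs into a site.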

Why This Attack is Significant

No Credentials Stolen

Traditional phishing captures usernames and passwords. ConsentFix doesn't need them. The victim authenticates directly with Microsoft, and the attacker steals the resulting authorization code instead.

MFA is Irrelevant

Because the victim completes their own legitimate authentication (including any MFA prompts), the attacker never needs to intercept or bypass MFA. The victim does the authentication work for them, and the tokens issued afterwards already carry the satisfied MFA claim.

Existing Sessions Exploited

If victims are already logged into their Microsoft account, they may not even see a login prompt, just an account selection screen. This makes the attack feel less suspicious.

One-Time Execution

The attack triggers only once per victim IP address. If security researchers or the same user return to investigate, they see a normal page. This complicates analysis and detection.

Legitimate OAuth App

Azure CLI is a Microsoft-owned, first-party OAuth application. Unlike third-party OAuth apps, which require a consent prompt and leave a consent grant that admins can review or block, Azure CLI is inherently trusted within the Microsoft ecosystem: it is pre-authorized, so the attack typically leaves no new consent grant to alert on, and its sign-ins look like ordinary developer or administrator activity.

What Attackers Can Access

With Azure CLI tokens, attackers can:

  • Read and send emails
  • Access OneDrive files
  • Manage Microsoft 365 settings
  • Access Azure resources (if the victim has Azure permissions)
  • Impersonate the user to other connected services
  • Establish persistence through additional OAuth grants

The scope of access depends on the victim's Microsoft 365 and Azure permissions, but for most business users this represents significant exposure.

Detection and Defense

For Security Teams

Push Security recommends monitoring for:

  • Unusual Azure CLI logins — Look for Azure CLI authentications from new or unexpected IP addresses, geographic locations inconsistent with user patterns, or consumer IP ranges for enterprise users. In Entra sign-in logs these are recorded against the Azure CLI application, so the application ID is the pivot; the victim's own interactive sign-in comes from their usual location, while the attacker's code redemption and subsequent token refreshes do not.
  • Legacy Graph API scopes — Attackers intentionally request legacy Microsoft Graph scopes to evade newer detection mechanisms
  • Localhost redirect patterns — While normal for Azure CLI, high volumes or unusual patterns may indicate abuse

For End Users

  • Be suspicious of any page asking you to copy/paste URLs
  • Never paste browser URLs into third-party websites
  • Recognize that legitimate verification never requires sharing URLs
  • Report unusual "human verification" requests to IT security

For Organizations

  • Implement Conditional Access policies restricting Azure CLI usage. Conditional Access targets the resource applications Azure CLI requests tokens for (the Azure management API and Microsoft Graph) rather than the CLI client itself, so apply device-compliance or trusted-location requirements to those resources.
  • Consider blocking Azure CLI OAuth for users who don't need it
  • Monitor OAuth consent grants for unusual patterns, and pair this with sign-in monitoring: because Azure CLI is pre-authorized, a ConsentFix sign-in itself typically produces no new consent grant
  • Educate users about OAuth-based phishing techniques

Connection to Broader Attack Trends

ConsentFix represents the evolution of OAuth abuse attacks. Previous campaigns like illicit consent grant attacks (tricking users into authorizing malicious third-party apps), device code phishing (abusing device authorization flows), and token theft malware (stealing tokens from authenticated sessions) have paved the way for increasingly sophisticated techniques.

ConsentFix combines social engineering sophistication with OAuth flow abuse, a convergence of techniques that bypasses many traditional security controls.

Microsoft's Response

As of publication, Microsoft has not issued a specific advisory for this attack technique. The Azure CLI OAuth application itself is functioning as designed; the weakness lies in how users can be socially engineered into completing the OAuth flow for an attacker's benefit.

Organizations should not expect a "patch" for this issue. Defense requires user awareness training, OAuth monitoring and alerting, Conditional Access restrictions, and Zero Trust architecture principles.

Indicators of Compromise

Behavioral Indicators

  • Azure CLI OAuth authentications from unexpected locations
  • Multiple Azure CLI tokens issued to a single user in a short timeframe
  • Azure CLI access from users who don't typically use CLI tools

Technical Indicators

  • OAuth redirects to localhost ports associated with Azure CLI
  • Legacy Microsoft Graph API scope usage
  • Token refresh patterns inconsistent with normal Azure CLI usage
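The behavioral indicators above and Push Security's "unusual Azure CLI logins" recommendation in the Detection and Defense section describe the same detection, shown here as an added Python example that is not part of the original article or of Push Security's tooling. It runs over constructed sign-in records shaped like Microsoft Graph signIn objects (appId, userPrincipalName, ipAddress, createdDateTime) and flags Azure CLI token issuances for users with no CLI history, from IPs outside the user's baseline, or in a burst. The Azure CLI application ID is the well-known Microsoft value; the baseline structure, the sample users, IPs and timestamps are assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Well-known application ID of the Azure CLI first-party app; Entra sign-in logs carry it
# in the appId field whenever a token is issued to Azure CLI.
AZURE_CLI_APP_ID = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"


def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def detect_suspicious_cli_signins(signins, baseline, burst_window=timedelta(minutes=10), burst_count=3):
    """Flag Azure CLI sign-ins matching the article's indicators.

    signins  : iterable of dicts shaped like Microsoft Graph signIn records.
    baseline : {upn: {"cli_user": bool, "known_ips": set()}} built from historical logs
               (assumed to exist; building it is outside this example).
    Returns a chronological list of (upn, createdDateTime, [reasons]) per user.
    """
    cli = sorted((s for s in signins if s.get("appId", "").lower() == AZURE_CLI_APP_ID),
                 key=lambda s: s["createdDateTime"])
    per_user = defaultdict(list)
    for s in cli:
        per_user[s["userPrincipalName"]].append(s)

    alerts = []
    for upn, events in per_user.items():
        profile = baseline.get(upn, {"cli_user": False, "known_ips": set()})
        for i, s in enumerate(events):
            reasons = []
            if not profile["cli_user"]:
                reasons.append("user has no history of Azure CLI use")
            if s["ipAddress"] not in profile["known_ips"]:
                reasons.append(f"new source IP {s['ipAddress']}")
            # Burst: several Azure CLI token issuances for one user inside the window, the
            # pattern of an attacker redeeming the code and immediately pulling tokens.
            t0 = _ts(s["createdDateTime"])
            recent = [e for e in events[:i + 1] if t0 - _ts(e["createdDateTime"]) <= burst_window]
            if len(recent) >= burst_count:
                reasons.append(f"{len(recent)} Azure CLI tokens within {burst_window}")
            if reasons:
                alerts.append((upn, s["createdDateTime"], reasons))
    return alerts


# Constructed sample data (not real logs). alice is a developer who uses Azure CLI daily from
# the office; bob is a finance user who has never used it. IPs are documentation ranges.
SAMPLE_BASELINE = {
    "alice@example.com": {"cli_user": True, "known_ips": {"203.0.113.10"}},
    "bob@example.com": {"cli_user": False, "known_ips": {"203.0.113.10"}},
}
OFFICE, ATTACKER = "203.0.113.10", "198.51.100.77"
OTHER_APP = "11111111-2222-3333-4444-555555555555"  # placeholder ID for a non-CLI app
SAMPLE_SIGNINS = [
    {"appId": AZURE_CLI_APP_ID, "userPrincipalName": "alice@example.com", "ipAddress": OFFICE,
     "createdDateTime": "2025-01-15T09:02:11Z", "resourceDisplayName": "Windows Azure Service Management API"},
    {"appId": OTHER_APP, "userPrincipalName": "bob@example.com", "ipAddress": OFFICE,
     "createdDateTime": "2025-01-15T09:05:00Z", "resourceDisplayName": "Office 365 SharePoint Online"},
    # bob completes the lure in his own browser (office IP); the attacker then redeems the
    # code and requests tokens for several resources from their own infrastructure.
    {"appId": AZURE_CLI_APP_ID, "userPrincipalName": "bob@example.com", "ipAddress": OFFICE,
     "createdDateTime": "2025-01-15T10:00:00Z", "resourceDisplayName": "Microsoft Graph"},
    {"appId": AZURE_CLI_APP_ID, "userPrincipalName": "bob@example.com", "ipAddress": ATTACKER,
     "createdDateTime": "2025-01-15T10:01:30Z", "resourceDisplayName": "Microsoft Graph"},
    {"appId": AZURE_CLI_APP_ID, "userPrincipalName": "bob@example.com", "ipAddress": ATTACKER,
     "createdDateTime": "2025-01-15T10:02:05Z", "resourceDisplayName": "Windows Azure Service Management API"},
]

if __name__ == "__main__":
    for upn, when, reasons in detect_suspicious_cli_signins(SAMPLE_SIGNINS, SAMPLE_BASELINE):
        print(upn, when, "; ".join(reasons))
```

The first of bob's three alerts fires on the victim's own interactive sign-in from the office IP, purely because he has no Azure CLI history; that is the earliest point at which a SOC could intervene, before the attacker's tokens from the second IP show up.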
Conclusion

ConsentFix demonstrates that attackers continue finding creative ways to abuse legitimate authentication mechanisms. The attack's elegance lies in its simplicity: it doesn't break anything, it just tricks users into completing a legitimate process for malicious purposes.

Key lesson: OAuth and MFA are not silver bullets. Social engineering can still grant attackers full account access when users can be convinced to complete authentication flows on the attacker's behalf.

Organizations should review their Azure CLI OAuth exposure and ensure security teams can detect unusual Azure CLI authentication patterns. For detailed guidance on defending against OAuth-based attacks, see our guide to Understanding OAuth Security and Microsoft 365 Security Best Practices.