Push Security Uncovers “ConsentFix”: A New Class of Browser-Native Phishing Attack
ClickFix-style attack hijacks OAuth consent grants to take over Microsoft accounts, bypassing passwords, passkeys and MFA
LONDON--(BUSINESS WIRE)--BLACK HAT, EUROPE — (Booth #305) — Push Security, a leader in browser-based detection and response, today announced the discovery of a new class of phishing attack that enables Microsoft account takeover simply by copy-and-pasting a URL.
Dubbed “ConsentFix” by Push Security researchers, this browser-based phishing attack enables full account takeover without ever capturing a password or triggering MFA, marking a significant evolution in phishing techniques. Push researchers detected and blocked the attack across multiple Push customers, demonstrating that this new technique is already being used in the wild.
ConsentFix is best understood as a browser-native ClickFix attack that ends in the compromise of an OAuth token for a target application, in this case Microsoft. In the attack Push detected, the victim is tricked into completing an Azure CLI sign-in: Microsoft's authorization endpoint issues an OAuth authorization code and redirects the browser to a localhost URL that carries it, and the victim is then told to paste that URL, code included, into the phishing page, which lets the attacker redeem the code for a token.
This new technique shows how fast the threat landscape is evolving. This year, ClickFix attacks were one of the fastest-growing attack types: according to Microsoft, 47% of attacks in the last year started with ClickFix, while OAuth consent grants were widely abused by attackers such as Scattered Lapsus$ Hunters in the campaign against Salesforce customers. Attackers have now iterated on these successful techniques with ConsentFix, combining the effective social engineering of ClickFix with OAuth abuse.
This is a significant challenge for security teams for a number of reasons:
- No new login is required: the attack reuses the victim's existing Microsoft browser session, so phishing-resistant authentication controls such as passkeys have no effect on it.
- The attack happens entirely inside the browser context. Nothing is executed on the endpoint, which removes one of the key detection opportunities for ClickFix attacks.
- Delivering the lure via Google Search rather than email completely bypasses email-based anti-phishing controls.
- Targeting a first-party app such as Azure CLI means that many of the controls available for restricting and blocking third-party app integrations do not apply.
- The pages use detection-evasion techniques that make the attack difficult to investigate, so these attacks are going undetected.
“This technique is incredibly sophisticated,” said Jacques Louw, chief product officer at Push Security. “Not only is it technically designed to evade detection and bypass protective identity controls, it’s something that users aren’t necessarily trained to be on guard against. They don’t need to give their credentials or MFA codes away — they’re just pasting a URL.”
Copy-and-Paste to Full Access: How ConsentFix Works
In the ConsentFix attacks observed by Push, victims were funneled through Google Search to compromised but reputable websites injected with a fake Cloudflare Turnstile challenge.
After entering a valid corporate email address, victims were prompted to click a “Sign In” button that leads to a legitimate Microsoft page, the authorization request for Azure CLI. If the victim is already signed in to Microsoft in that browser, no further login is required: Microsoft issues an authorization code and redirects the browser to a localhost URL containing it. The final step is simply to paste that URL back into the phishing page, which hands the code to the attacker and completes the malicious consent grant.
Push researchers warn that attackers specifically targeted Microsoft Azure CLI, a first-party application implicitly trusted across Entra ID tenants. Unlike third-party OAuth apps, Azure CLI:
- Cannot be blocked or deleted
- Can request powerful permissions without admin approval
- Is allowed to use internal or undocumented Graph scopes
- Is exempt from many tenant-level consent restrictions
This makes it an exceptionally valuable target — and significantly limits available preventative controls.
“ConsentFix completely sidesteps the traditional defenses that companies rely on,” said Louw. “The lure comes through Google Search, the pages are designed to evade detection, and it exploits a trusted first-party app that you can’t restrict. It’s a huge challenge for security teams.”
Detection Guidance
Push warns that attackers are likely to integrate ConsentFix into phishing kits, making the technique available to more actors and extending it beyond Microsoft to other cloud ecosystems. For now, organizations should monitor for unusual Azure CLI sign-in events, especially from standard users who have no reason to use the CLI.
Because the attacker deliberately uses legacy Azure AD Graph scopes to evade detection, the resulting API calls are logged separately from Microsoft Graph calls. Organizations should ensure that the AADGraphActivityLogs diagnostic category is enabled and forwarded to their SIEM so they can search for unusual activity such as directory enumeration.
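A minimal hunt for the first recommendation above (unusual Azure CLI sign-ins, especially from standard users), written here as an added example rather than Push Security's own detection logic. It runs over constructed records in the shape of Entra ID sign-in log entries (Microsoft Graph signIn field names); Azure CLI's well-known first-party application ID, which this page does not quote, is used to match the app, and the 30-day baseline and 24-hour look-back are assumed tuning values.

```python
"""Hunt for unusual Azure CLI sign-ins in Entra ID sign-in logs.

Added example (not Push Security code). Records are constructed below in the
shape of Entra ID sign-in log entries (Microsoft Graph signIn field names);
the baseline and look-back windows are assumptions to tune per tenant.
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Well-known first-party application ID for Azure CLI in Entra ID. It is the
# same in every tenant, which is why the app cannot be blocked per tenant.
AZURE_CLI_APP_ID = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"

# Constructed sample records (one JSON object per line), not real telemetry.
# alice and dave are engineers who use the CLI regularly; bob works in finance.
SAMPLE_SIGNIN_LOG = """
{"createdDateTime":"2025-11-12T09:00:00Z","userPrincipalName":"alice@example.com","appId":"04b07795-8ddb-461a-bbee-02f9e1bf7b46","appDisplayName":"Microsoft Azure CLI","ipAddress":"198.51.100.10","status":{"errorCode":0}}
{"createdDateTime":"2025-11-13T10:15:00Z","userPrincipalName":"dave@example.com","appId":"04b07795-8ddb-461a-bbee-02f9e1bf7b46","appDisplayName":"Microsoft Azure CLI","ipAddress":"198.51.100.11","status":{"errorCode":0}}
{"createdDateTime":"2025-12-09T08:30:00Z","userPrincipalName":"alice@example.com","appId":"04b07795-8ddb-461a-bbee-02f9e1bf7b46","appDisplayName":"Microsoft Azure CLI","ipAddress":"198.51.100.10","status":{"errorCode":0}}
{"createdDateTime":"2025-12-09T11:02:00Z","userPrincipalName":"bob@example.com","appId":"04b07795-8ddb-461a-bbee-02f9e1bf7b46","appDisplayName":"Microsoft Azure CLI","ipAddress":"203.0.113.7","status":{"errorCode":0}}
{"createdDateTime":"2025-12-09T11:05:00Z","userPrincipalName":"bob@example.com","appId":"00000000-0000-0000-0000-00000000abcd","appDisplayName":"Constructed Web App","ipAddress":"203.0.113.7","status":{"errorCode":0}}
{"createdDateTime":"2025-12-09T14:40:00Z","userPrincipalName":"dave@example.com","appId":"04b07795-8ddb-461a-bbee-02f9e1bf7b46","appDisplayName":"Microsoft Azure CLI","ipAddress":"203.0.113.50","status":{"errorCode":0}}
{"createdDateTime":"2025-12-09T15:00:00Z","userPrincipalName":"erin@example.com","appId":"04b07795-8ddb-461a-bbee-02f9e1bf7b46","appDisplayName":"Microsoft Azure CLI","ipAddress":"203.0.113.9","status":{"errorCode":50126}}
"""

# Fixed "now" so the sample is deterministic; use datetime.now(timezone.utc) in practice.
NOW = datetime(2025, 12, 9, 23, 59, 59, tzinfo=timezone.utc)


def parse_signins(text):
    """Parse JSON-lines sign-in records and attach a timezone-aware timestamp."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ev["_ts"] = datetime.fromisoformat(ev["createdDateTime"].replace("Z", "+00:00"))
        events.append(ev)
    return events


def is_azure_cli_success(ev):
    """True for a successful sign-in to the Azure CLI first-party app.

    Match on appId rather than appDisplayName: the ID is stable, the display
    name is not guaranteed to be. ConsentFix completes a real, successful
    sign-in (the victim already has a session), so failures are not the signal.
    """
    return ev.get("appId") == AZURE_CLI_APP_ID and ev.get("status", {}).get("errorCode", 0) == 0


def find_unusual_cli_signins(events, now, baseline_days=30, lookback_hours=24):
    """Return alerts for Azure CLI sign-ins that are new for the user.

    Baseline: which users used Azure CLI, and from which IPs, during the
    baseline_days before the look-back window. Anything in the look-back
    window that is a user's first Azure CLI sign-in, or comes from an IP that
    user never used the CLI from, is flagged. Users with no baseline at all
    are the "standard users" the guidance singles out.
    """
    window_start = now - timedelta(hours=lookback_hours)
    baseline_start = now - timedelta(days=baseline_days)
    cli = sorted((e for e in events if is_azure_cli_success(e)), key=lambda e: e["_ts"])

    seen_ips = defaultdict(set)  # upn -> IPs that user ran Azure CLI from in the baseline
    for e in cli:
        if baseline_start <= e["_ts"] < window_start:
            seen_ips[e["userPrincipalName"]].add(e["ipAddress"])

    alerts = []
    for e in cli:
        if not (window_start <= e["_ts"] <= now):
            continue
        upn, ip = e["userPrincipalName"], e["ipAddress"]
        if upn not in seen_ips:
            reason = "first_seen"  # user never used Azure CLI in the baseline
        elif ip not in seen_ips[upn]:
            reason = "new_ip"      # known CLI user, but from an unfamiliar source
        else:
            continue
        alerts.append({"time": e["createdDateTime"], "user": upn, "ip": ip, "reason": reason})
        seen_ips[upn].add(ip)      # alert once per user/IP, not once per sign-in
    return alerts


def run_sample():
    """Run the detection over the constructed log with the fixed clock."""
    return find_unusual_cli_signins(parse_signins(SAMPLE_SIGNIN_LOG), now=NOW)


if __name__ == "__main__":
    for a in run_sample():
        print(f"{a['time']} {a['user']:<20} {a['ip']:<15} {a['reason']}")
```

On the constructed log this flags bob (finance, first Azure CLI sign-in ever) and dave (an engineer, but from an address he has never used the CLI from), and stays quiet on alice. The same logic can be pointed at an export of the tenant's SigninLogs table; where a role-based list of people expected to use the CLI exists, it can replace or supplement the learned baseline. Correlating a flagged sign-in with the AADGraphActivityLogs entries that follow it is the natural next step, but that category has its own schema and is not covered by this script.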
For more details about how ConsentFix works and security recommendations, check out the full research report on the Push Security blog or visit the team at Black Hat Europe this week in London at booth #305.
About Push Security
Push Security brings real-time detection and response to the layer where users work — and where attackers operate, the browser. By deploying a powerful agent inside the browser, Push gives defenders full visibility into user activity, attacker behavior, and session-level risk. It detects threats like phishing kits and session hijacking, enforces protective controls like MFA and SSO, and provides the telemetry security teams need to investigate fast. Think of Push as being like EDR, but in the browser. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit https://pushsecurity.com or follow @pushsecurity.
Contacts
For media inquiries, contact:
Kylie Heintz
Head of Corporate Communications
Push Security
kylie.heintz@pushsecurity.com
