• This popular app builder has been hijacked to steal Microsoft acc

    From TechnologyDaily@1337:1/100 to All on Thursday, March 26, 2026 17:17:31
    This popular app builder has been hijacked to steal Microsoft account details - here's what we know

    Date:
    Thu, 26 Mar 2026 17:10:00 +0000

    Description:
    Bubble.io's good name is being tarnished by advanced and convincing phishing lures.

    FULL STORY ======================================================================

    - Cybercriminals abuse Bubble.io no-code platform to host phishing apps
    - Trusted domain bypasses email security, tricking victims into Microsoft 365 credential theft
    - Kaspersky warns technique likely to spread via Phishing-as-a-Service kits, making attacks more dangerous

    Cybercriminals have been seen abusing a legitimate AI app builder platform to bypass email security protections and land phishing emails directly in people's inboxes.

    Security researchers at Kaspersky flagged that the affected program is Bubble.io, a no-code visual programming platform that allows users to create entire web and mobile apps without writing a single line of code. However, this means hackers could also use the drag-and-drop editor, or an AI chatbot, to generate complex JavaScript and frontend structure, embed malicious functionality, and host the website on the bubble.io domain. Then, they would send phishing emails to their victims, targeting their Microsoft 365 accounts. The emails would contain a link to the Bubble-hosted app, and since it is hosted on a trusted domain, email security solutions don't flag it and the message lands in the inbox.

    Kaspersky predicts a bright future for the dark technique

    The apps themselves often mimic a Microsoft login portal hidden behind a Cloudflare check. Victims who don't spot the trick will end up sharing their login credentials with the attackers, who can then use the access to target organizations, steal data, or deploy ransomware.
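
    A defender's view of the delivery step described above, as an added example that is not from the article or from Kaspersky: a mail-triage check that refuses to let a link inherit trust from a shared app-hosting domain. The suffix list, lure terms, verdict names and the sample message are assumptions constructed for illustration; only bubble.io comes from the article.

```python
import re
from email import policy
from email.parser import Parser
from urllib.parse import urlsplit

# Assumption: domains where any customer can publish an app under the vendor's
# name. Only bubble.io comes from the article; extend with your own list.
SHARED_APP_HOSTS = ("bubble.io",)
# Assumption: wording typical of a Microsoft 365 sign-in lure.
LURE_TERMS = ("microsoft 365", "office 365", "sign in", "verify your account")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def on_shared_platform(url):
    """True if the URL's real host is a shared app host or a subdomain of one."""
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:  # malformed URL, e.g. broken IPv6 brackets
        return False
    return any(host == d or host.endswith("." + d) for d in SHARED_APP_HOSTS)


def triage(raw_email):
    """Return (verdict, links); links on shared platforms never inherit trust."""
    msg = Parser(policy=policy.default).parsestr(raw_email)
    text = " ".join(p.get_content() for p in msg.walk()
                    if p.get_content_maintype() == "text")
    urls = {u.rstrip(".,)") for u in URL_RE.findall(text)}
    links = sorted(u for u in urls if on_shared_platform(u))
    if not links:
        return "no-shared-platform-link", links
    lure = any(term in text.lower() for term in LURE_TERMS)
    return ("quarantine" if lure else "inspect-destination"), links


# Constructed sample message (not taken from a real campaign).
SAMPLE = """\
From: it-support@example.org
To: user@example.com
Subject: Action required
Content-Type: text/plain; charset="utf-8"

Your Microsoft 365 password expires today. Sign in to keep access:
https://tenant-app.bubble.io/login
Help: https://bubble.io.example.net/faq and https://bubble.io@example.net/
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```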

    Given the novelty and the success of this method, Kaspersky believes it is bound to become a lot more popular in the near future. The researchers speculate that many Phishing-as-a-Service (PhaaS) providers will soon start integrating this technique into their phishing kits, especially those used by less-skilled, newbie criminals.

    Such platforms are already quite advanced, capable of stealing 2FA codes in transit, defending against analysis through geo-fencing and other methods, and using AI to generate convincing email copy.

    By abusing legitimate platforms such as Bubble, the platforms will only get better and more dangerous. It is also worth mentioning that abusing legal businesses is not a new method by any means - we've seen PayPal, Google Tasks, Microsoft Azure Monitor alerts, and many other features used in this respect before.

    Bubble has not yet responded to media inquiries, and there is no word about the abuse on its website.

    Via BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-popular-app-builder-has-been-hijacked-to-steal-microsoft-account-details-heres-what-we-know


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)