Microsoft Outlook Add-In Hijacked to Steal Thousands of Credentials and Payment Data Security researchers at Koi Security uncovered a novel attack leveraging a dormant Microsoft Outlook add-in to harvest over 4,000 login credentials, credit card numbers, and banking security answers. The incident marks the first known malicious Office add-in discovered in the wild, exposing a critical flaw in Microsoft’s third-party tool distribution. The attack centered on AgreeTo, a legitimate meeting-scheduling add-in published to the Microsoft Office Add-in Store in 2022. After the developer abandoned the project and its hosting domain expired, the subdomain (`outlook-one.vercel.app`) became available for registration. An attacker claimed the domain and replaced the original tool with a fake Microsoft sign-in page, which loaded inside Outlook via an iframe for all existing users. Microsoft’s security review process only validates an add-in’s manifest file upon initial submission, meaning the malicious content change went undetected. The phishing page captured credentials and transmitted them to the attacker via a Telegram bot. Researchers accessed the exfiltration channel, recovering stolen data including Microsoft account logins, payment details, and IP addresses while the attackers were actively testing the credentials. Though Microsoft removed the add-in from its store, the phishing infrastructure remained operational outside it. The AgreeTo manifest had ReadWriteItem permissions, granting potential access to read or modify users’ emails, though the attackers only deployed a basic phishing scheme. The incident underscores a broader vulnerability in software supply chains: Office add-ins function as remote dynamic dependencies, allowing content to change without Microsoft’s oversight.