Microsoft Store’s Outlook Add-in Breach Exposes 4,000 Accounts to Credential Theft

A hijacked Outlook calendar tool named AgreeTo compromised over 4,000 Microsoft accounts after attackers exploited an abandoned Vercel URL to transform the legitimate add-in into a sophisticated phishing operation. The malicious app—still hosted on Microsoft's official store—displayed fake login pages within Outlook's sidebar, harvesting usernames, passwords, credit card numbers, and banking details before exfiltrating them via Telegram's bot API. Microsoft removed the add-in only after Koi Security researchers exposed what they dubbed "AgreeToSteal," revealing critical gaps in the company's app verification process that failed to monitor approved add-ins post-publication. The breach highlights how attackers weaponize trusted platforms to steal credentials at scale.

When a meeting scheduler becomes a credential harvester, you know something has gone terribly wrong with app store security. Over 4,000 Microsoft users just learnt this lesson the hard way after a hijacked Outlook add-in—formerly a legitimate calendar tool—transformed into the first known malicious application to infiltrate Microsoft's official store.

The add-in, originally called AgreeTo, had a straightforward purpose: connect calendars and share availability to simplify meeting scheduling. Published in December 2022, it earned a respectable 4.71-star rating before its developer abandoned the project, leaving behind an orphaned Vercel URL at outlook-one.vercel.app. That's where things went sideways. A threat actor simply claimed the abandoned domain without needing to resubmit anything to Microsoft, exploiting a glaring oversight in the store's verification process.

Once in control, the attacker deployed a sophisticated phishing operation codenamed AgreeToSteal by Koi Security researchers who discovered the breach. Users opening the add-in encountered what appeared to be a legitimate Microsoft login page displayed directly within Outlook's sidebar. The fake interface collected usernames and passwords, then exfiltrated credentials through Telegram's bot API before redirecting victims to the actual Microsoft login. This redirect was particularly devious—it maintained the illusion of normalcy as attackers walked away with the keys to thousands of accounts.

The fake login page stole credentials via Telegram, then redirected victims to Microsoft's real portal to maintain the illusion of legitimacy.

The stolen data extends beyond simple passwords. Credit card numbers, banking security answers, victim IP addresses, Interac e-Transfer PINs, and CVVs all found their way into attacker hands. The operator, who runs over a dozen phishing kits targeting ISPs, banks, and webmail providers, actively tested these credentials. Your compromised password wasn't just sitting in a database somewhere—it was being put to work.

Microsoft's vulnerability here stems from a fundamental flaw in their store oversight. Initial reviews examine only the manifest file, not the actual content loaded by add-ins. Once approved, there's no periodic monitoring, meaning orphaned projects remain listed indefinitely. The hijacked add-in retained ReadWriteItem permissions capable of reading and modifying user emails, though no evidence suggests attackers exploited that capability. They didn't need to—the phishing page did all the heavy lifting. The add-in continued appearing in the Microsoft Office Add-in Store until the day Koi Security publicly reported their findings.
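The gap described above is checkable from the manifest alone: every URL an add-in loads is declared there, so a reviewer or tenant admin can audit those hosts on a schedule. The following Python is an added example (not code from Koi Security, Microsoft or the AgreeTo project); the manifest is constructed, the platform suffix list is an assumption, and the check generalises beyond Vercel to any platform-assigned hostname.

```python
"""Audit an Office add-in manifest for hosts someone else could claim (the AgreeTo
failure mode). Added example, not code from Koi Security, Microsoft or AgreeTo."""
import socket
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = "{http://schemas.microsoft.com/office/appforoffice/1.1}"
# Constructed manifest (not the real one); the host is the abandoned URL named above.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="UTF-8"?>
<OfficeApp xmlns="http://schemas.microsoft.com/office/appforoffice/1.1"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="MailApp">
  <IconUrl DefaultValue="https://outlook-one.vercel.app/icon-64.png"/>
  <AppDomains><AppDomain>https://login.microsoftonline.com</AppDomain></AppDomains>
  <FormSettings><Form xsi:type="ItemRead"><DesktopSettings>
    <SourceLocation DefaultValue="https://outlook-one.vercel.app/index.html"/>
  </DesktopSettings></Form></FormSettings>
  <Permissions>ReadWriteItem</Permissions>
</OfficeApp>"""
# Suffixes where a deleted project's name can be re-registered by any account
# (assumed list for illustration; extend it for the platforms you use).
PLATFORM_SUFFIXES = (".vercel.app", ".netlify.app", ".github.io", ".herokuapp.com")

def host_resolves(host):
    """Live DNS probe; an unclaimed platform name may still resolve, so never sufficient alone."""
    try:
        socket.getaddrinfo(host, 443)
        return True
    except socket.gaierror:
        return False

def manifest_hosts(xml_text):
    """Every host the add-in loads content from: DefaultValue URLs plus AppDomains."""
    root = ET.fromstring(xml_text)
    urls = [e.get("DefaultValue") for e in root.iter() if e.get("DefaultValue")]
    urls += [e.text for e in root.iter(NS + "AppDomain") if e.text]
    return sorted({urlparse(u).hostname for u in urls if u.startswith("http")})

def audit_manifest(xml_text, resolve=host_resolves):
    """Map each host to a finding; 'resolve' is injectable so the audit can run offline."""
    findings = {}
    for host in manifest_hosts(xml_text):
        if not resolve(host):
            findings[host] = "dangling: host does not resolve, re-registrable"
        elif host.endswith(PLATFORM_SUFFIXES):
            findings[host] = "platform-assigned name: confirm the project is still owned"
        else:
            findings[host] = "ok"
    return findings
```

Run `audit_manifest(SAMPLE_MANIFEST)` against each published manifest periodically; a platform-assigned host that the publisher no longer owns is the condition that let the AgreeTo URL be taken over without any resubmission.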

After Koi Security raised the alarm, Microsoft removed the add-in, but the damage was done. If you've used AgreeTo recently, here's your action plan: reset your Microsoft password immediately, activate multi-factor authentication if you haven't already, and monitor your financial accounts for suspicious activity.

This incident reveals how easily legitimate-looking tools can turn hostile when app stores prioritise speed over sustained vigilance. The attack exploited trust in Microsoft's distribution channels to deliver malicious content under the guise of a verified application. The trust we place in official marketplaces isn't worthless, but it clearly isn't bulletproof either.

Final Thoughts

A Microsoft Store Outlook add-in breach exposed 4,000 user accounts to credential theft, demonstrating how third-party tools can become security vulnerabilities despite marketplace vetting. The incident involved malicious add-ins that could access user inbox data and steal login credentials for targeted phishing attacks.

Home Computer Technician can help your organization prevent similar security breaches by implementing comprehensive cybersecurity measures including password rotation protocols, multi-factor authentication setup, third-party application security audits, and employee training on identifying malicious add-ins and phishing attempts.

Don't wait for a security incident to impact your business. Contact us today to strengthen your digital defenses and protect your sensitive data from credential theft and cyber attacks.