Multiple miscreants are misusing OAuth to automate financially motivated cyber crimes – such as business email compromise (BEC), phishing, large-scale spamming campaigns – and deploying virtual machines to illicitly mine for cryptocurrencies, according to Microsoft. OAuth, short for Open Authorization, is an open standard for token-based access delegation, allowing applications to access resources and data hosted by other web apps.
Source: The Register