Varonis Threat Labs has discovered a covert attack method called "Exfil Out&Look" that exploits Microsoft 365 Outlook add-ins to steal confidential email information without leaving forensic evidence in typical audit logs. The study identifies a crucial blind spot in Microsoft 365 monitoring, particularly for businesses that depend heavily on Unified Audit Logs for detection and incident response.

Outlook add-ins are web-based extensions (HTML, CSS, JavaScript) with integration points and permissions specified by an XML manifest. They can call external APIs like Microsoft Graph, show custom user interface elements, and respond to user actions like sending an email. Global and Exchange administrators have the option to deploy add-ins tenant-wide or per user via Outlook Web Access (OWA) or desktop.

Varonis discovered a significant visibility difference between OWA and Outlook Desktop. Windows Event Viewer logs an Application log entry (Event ID 45) when an add-in is installed via Outlook Desktop, providing defenders with at least some local telemetry. Even in fully licensed and audited E5 environments, the same add-in installed via OWA does not produce a corresponding entry in Microsoft 365's Unified Audit Log.

This implies that security teams do not receive a native signal indicating that an add-in was installed or used in OWA, or that it accessed or sent email content. The core of Exfil Out&Look is a minimally permissioned add-in that hooks into the OnMessageSend (ItemSend) event. The add-in can read the subject, body, recipients, and timestamp of outgoing emails using only the item that is currently active.

Then a JavaScript payload hosted on a remote server silently transmits this data to an attacker-controlled endpoint with a straightforward asynchronous fetch() call. Standard ReadItem/ReadWriteItem-level permissions permit this behavior, and neither explicit user consent nor specific audit events are triggered. Varonis presented deployment scenarios for both individual users and the entire organization.

After a user uploads a custom manifest through OWA under "My Add-ins > Custom Add-ins," the malicious add-in becomes active automatically with each send action. A global or Exchange admin can deploy the add-in to "Everyone" at the tenant level using the Microsoft 365 Admin Center (Settings > Integrated Apps > Add-ins), guaranteeing that it operates for every mailbox and cannot be removed by end users.

Ongoing exfiltration activity is not visible, even though initial deployment actions (like service principal creation and app registration) are recorded. The audit log analysis verified that there is no indication that an add-in intercepted or sent content externally; instead, only generic mailbox operations, such as "Created mailbox item" or "Accessed mailbox items," appear. This makes malicious or overly permissive add-ins an ideal tool for insider threats, compromised accounts, abused privileged roles, or even supply chain attacks via trojanized store add-ins.

Varonis suggests tighter control over add-in installation, limiting custom manifest uploads, routinely reviewing admin-deployed add-ins and their associated service principals, and monitoring for suspicious connections from Outlook clients.
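One way to put that review into practice, as an added example that is not Varonis's or Microsoft's code: a small Python triage script that parses an add-in manifest and flags the combination the research describes (a send hook such as OnMessageSend/ItemSend, an item-read permission, and add-in code loaded from a host outside your allowlist). The manifest it parses is a constructed, deliberately minimal sample rather than a real add-in, and `addin.example` and `addins.contoso.example` are placeholder hosts.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Outgoing-mail hooks: the on-send event (ItemSend) and its event-based successor (OnMessageSend).
SEND_EVENTS = {"ItemSend", "OnMessageSend"}
# Permission levels that let the add-in read the body and recipients of the active item.
ITEM_READ_PERMS = {"ReadItem", "ReadWriteItem", "ReadWriteMailbox"}


def triage_manifest(xml_text: str, allowed_hosts: set) -> dict:
    """Report the permissions, send hooks and unexpected code hosts a manifest declares."""
    perms, events, hosts = set(), set(), set()
    for el in ET.fromstring(xml_text).iter():
        name = el.tag.rsplit("}", 1)[-1]  # drop the namespace; schema versions differ
        if name == "Permissions" and el.text:
            perms.add(el.text.strip())
        elif name in ("Event", "LaunchEvent") and el.get("Type"):
            events.add(el.get("Type"))
        # SourceLocation and bt:Url elements carry the URL the runtime loads add-in code from.
        url = el.get("DefaultValue", "")
        if url.startswith(("http://", "https://")):
            hosts.add(urlparse(url).hostname or "")
    unexpected = sorted(h for h in hosts if h not in allowed_hosts)
    send_hook = bool(events & SEND_EVENTS)
    # The Exfil Out&Look pattern: send hook + item-read rights + code served from a host you do not own.
    if send_hook and perms & ITEM_READ_PERMS and unexpected:
        risk = "high"
    else:
        risk = "review" if send_hook else "low"
    return {"permissions": sorted(perms), "send_hook": send_hook,
            "unexpected_hosts": unexpected, "risk": risk}


# Constructed, deliberately minimal manifest (not a complete deployable one) showing that pattern.
SAMPLE_MANIFEST = """<?xml version="1.0"?>
<OfficeApp xmlns="http://schemas.microsoft.com/office/appforoffice/1.1"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:bt="http://schemas.microsoft.com/office/officeappbasictypes/1.0" xsi:type="MailApp">
  <Permissions>ReadWriteItem</Permissions>
  <VersionOverrides xmlns="http://schemas.microsoft.com/office/mailappversionoverrides/1.1">
    <ExtensionPoint xsi:type="LaunchEvent">
      <LaunchEvents><LaunchEvent Type="OnMessageSend" FunctionName="onSend"/></LaunchEvents>
      <SourceLocation resid="Runtime.Url"/>
    </ExtensionPoint>
    <Resources><bt:Urls>
      <bt:Url id="Runtime.Url" DefaultValue="https://addin.example/launch.html"/>
    </bt:Urls></Resources>
  </VersionOverrides>
</OfficeApp>"""
```

Run it over the manifests exported from your tenant's admin-deployed and user-uploaded add-ins; anything rated "high" is a candidate for the manual review and service-principal check Varonis recommends.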

In order to close this zero-trace exfiltration gap, the researchers also recommend that Microsoft implement risk-based classification, more stringent consent controls, and thorough audit logging for sensitive add-in actions and installations.