November 29, 2024 at 02:09PM A new phishing-as-a-service platform called ‘Rockstar 2FA’ has been launched, enabling large-scale adversary-in-the-middle (AiTM) attacks to compromise Microsoft 365 credentials. This service makes it easier for criminals to conduct phishing attacks on a broader scale. ### Meeting Takeaways: 1. **Introduction of ‘Rockstar 2FA’**: A new phishing-as-a-service (PhaaS) platform has been … Read more
November 29, 2024 at 05:33AM Researchers warn of a phishing-as-a-service (PhaaS) toolkit, Rockstar 2FA, targeting Microsoft 365 credentials through email campaigns. Utilizing adversary-in-the-middle (AitM) attacks, it bypasses multi-factor authentication (MFA). Promoted features assist cybercriminals in executing campaigns with minimal expertise, leading to significant potential financial losses for victims. ### Meeting Takeaways – Cybercrime / Cloud … Read more
November 22, 2024 at 04:48AM Meta, Microsoft, and the U.S. Department of Justice are taking action against cybercrime. Microsoft seized 240 fraudulent websites linked to a phishing kit seller. The DoJ shut down PopeyeTools, a marketplace for stolen data, while Meta removed over two million scam accounts. Collaborations aim to combat online fraud globally. ### … Read more
November 21, 2024 at 12:08PM Microsoft and the Justice Department seized over 240 domains linked to ONNX, a phishing-as-a-service platform targeting thousands of victims globally since 2017. ONNX was the leading provider of phishing kits in 2024, enabling sophisticated attacks that bypassed security measures. Operations ceased after the owner’s identity was revealed. ### Meeting Takeaways … Read more
October 8, 2024 at 04:32PM The Mamba 2FA platform is an emerging phishing-as-a-service (PhaaS) tool, targeting Microsoft 365 accounts through AiTM attacks. It offers a competitive price of $250/month and has evolved to enhance stealthiness and longevity. It specifically targets Microsoft 365 users and offers phishing templates for various services. This platform poses a significant … Read more
October 1, 2024 at 03:45AM Over 140,000 phishing websites linked to Sniper Dz, a phishing-as-a-service platform, have been discovered. It offers free services, drawing in cybercriminals, while also collecting stolen credentials. Aspiring threat actors can easily mount phishing attacks through PhaaS platforms, such as Sniper Dz. The platform operates openly and has been observed targeting … Read more
August 12, 2024 at 08:36AM In 2023, phishing attacks impacted 94% of businesses, a 40% increase from the previous year. The surge is attributed to AI, particularly generative AI, facilitating the creation of malicious content, and PhaaS enabling easy access to skilled attackers. Threat actors now respond more quickly to evolving and planned events, capitalizing … Read more
July 30, 2024 at 10:37AM EvilProxy, a phishing kit known as the “LockBit of phishing,” is being used to launch attacks using legitimate Cloudflare services to disguise malicious traffic. Criminals are offered customer support, videos, and guides to launch campaigns and disguise their activity. Notable threat actors, TA4903 and TA577, have adopted EvilProxy for their … Read more
June 19, 2024 at 01:29PM A phishing-as-a-service operation is targeting financial firms using advanced tactics such as 2FA bypass, QR codes, and typosquatting to compromise Microsoft 365 accounts. The origin of the campaign was traced to a platform called ONNX Store, which operates through Telegram bots. Countermeasures include blocking unverified PDF and HTML attachments, implementing … Read more
June 4, 2024 at 02:56PM Cybercriminals are promoting ‘V3B,’ a new phishing kit on Telegram targeting customers of major financial institutions in multiple European countries. The kit, priced between $130-$450 per month, features advanced obfuscation, localization options, and a live chat for real-time interactions to obtain sensitive information. This indicates a growing trend in cybercrime. … Read more