Security News Threat actors use Tycoon 2FA kits to target MS 365 and Gmail accounts

vtqhtr413

vtqhtr413

Level 27
Thread author
Well-known
Aug 17, 2017
1,609
Content source
https://windowsreport.com/threat-actors-use-tycoon-2fa-kits-to-steal-your-data-via-fake-login-pages/
Hackers use the phishing-as-a-service (PAAS) platform known as Tycoon 2FA to target Microsoft 365 and Gmail accounts. Their method bypasses two-factor authentication (2FA) systems. Also, the PAAS tool is similar to other Adversary-in-The-Middle (AiTM) phishing platforms such as Dadsec OTT. Thus, cyber security specialists believe that cybercriminals reuse the code.

The Tycoon 2FA quickly became one of the most widespread AiTM phishing kits. As a result, more than a thousand domains are using it. Unfortunately, cybercriminals worked fast and updated their tool to a new version that enhances its obfuscation and anti-detection capabilities. Also, they added a feature that changes network traffic patterns.

Threat actors who use Tycoon 2FA send fake emails with embedded URLs or QR codes. By accessing them, you will get to a security challenge. After completion, they will extract your email address from the URL. Then, you will be redirected to a fake login page. Once you log in, you will encounter a fake two-factor authentication. From there, the hackers will get access to bypass security measures and steal your data.
Click to expand...
windowsreport.com

Threat actors use Tycoon 2FA kits to steal your data via fake login pages

Threat actors use a new Tycoon 2FA kit to bypass two-factor authentication services and steal your Microsoft 365 and Gmail login details.
windowsreport.com windowsreport.com
 
  • Like
  • +Reputation
Reactions: brambedkar59, TairikuOkami, oldschool and 1 other person
vtqhtr413

vtqhtr413

Level 27
Thread author
Well-known
Aug 17, 2017
1,609
TairikuOkami said:
So even we exclude AV, DNS, anti-phishing protection, there is a simple password manager, which auto-fills data only on a proper domain. 🥱
Click to expand...
It is a deflating story, I agree, it's not my intention to sadden or scare anyone with these posts, it's just the reality of our day. Like an old member here used to say 'Stay Frosty', which means, never let your guard down (y)
 
  • Like
  • Applause
Reactions: TairikuOkami and Jonny Quest

Similar threads

enaph
    • +Reputation
    • Like
    • Wow
Scams & Phishing News Microsoft “Poisons” Phishing Data With Fake Creds to Catch Hackers
Replies
0
Views
1,358
Security News
enaph
enaph
Gandalf_The_Grey
    • Wow
Security News File hosting services misused for identity phishing
Replies
0
Views
1,581
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
Security News New phishing attack steals your Instagram backup codes to bypass 2FA
Replies
0
Views
1,492
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top