Gmail account in the sights of cyber criminals, you need to protect yourself immediately: how to do it


Cybercriminals are increasingly exploiting a new phishing-as-a-service platform known as Tycoon 2FA.

Cybercriminals are increasingly using new platforms and tricks to target Microsoft 365 and Gmail accounts. The phishing kit bypasses, but does not invalidate, multi-factor authentication, the use of which, according to Microsoft, reduces the risk of an account breach by 99.9%.


Cybercriminals are increasingly exploiting a new phishing-as-a-service (PhaaS) platform, known as Tycoon 2FA, to target Microsoft 365 and Gmail accounts and bypass two-factor authentication (2FA) protection. If users take the bait in the phishing email, the attack chain is triggered.

The new Tycoon 2FA platform, offered as phishing-as-a-service, demonstrates a new attack method that lets the threat actor copy Microsoft login portals, using Adversary-in-the-Middle techniques that simulate the entry of the two-factor authentication code. Here are the details of the attack and how to mitigate the risk.

How to protect yourself from hacker attacks on Gmail

The hackers' new method triggers a mechanism in which users are silently redirected to another part of the phishing site and arrive on a fake Microsoft login page, through which the credentials and, above all, the 2FA tokens are captured. It is therefore a phishing attack, made possible by human error.


This way, the attacker can replay the user's session and bypass multi-factor authentication (MFA) mechanisms. Attackers distribute malicious links via emails with embedded URLs or QR codes, tricking victims into accessing phishing pages.

Users are silently redirected to another part of the phishing site, landing on the fake login page. At this point, the kit mimics a 2FA challenge, intercepting the 2FA token or response to bypass security measures. Finally, in phase 6, victims are redirected to a legitimate-looking page to hide the success of the phishing attack.
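One defender-side signal for the session replay described above, as an added example that is not part of the original article: flag a session token that is later used by a client other than the one that completed the 2FA step. The event fields and sample data are constructed assumptions, not a real provider's log format.

```python
from collections import namedtuple

# Constructed sample events. The field names are assumptions for this example,
# not any provider's real log schema.
Event = namedtuple("Event", "ts user session_id ip user_agent mfa_passed")

SAMPLE_EVENTS = [
    Event(100, "alice", "s-1", "198.51.100.7", "Firefox/124 Windows", True),
    Event(160, "alice", "s-1", "198.51.100.7", "Firefox/124 Windows", False),
    Event(220, "alice", "s-1", "203.0.113.50", "Chrome/122 Linux", False),
    Event(300, "bob", "s-2", "192.0.2.10", "Safari/17 macOS", True),
    Event(900, "bob", "s-2", "192.0.2.99", "Safari/17 macOS", False),
    Event(950, "carol", "s-3", "192.0.2.44", "Edge/123 Windows", False),
]


def find_replayed_sessions(events):
    """Flag sessions used by a client other than the one that completed MFA.

    Assumes the replay comes from a different client than the login itself.
    Returns sorted (session_id, user, severity) tuples, keeping the highest
    severity seen for each session.
    """
    origin = {}    # session_id -> (ip, user_agent) recorded at the MFA step
    alerts = {}    # session_id -> (user, severity)
    rank = {"review": 1, "high": 2}
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.mfa_passed:
            origin[ev.session_id] = (ev.ip, ev.user_agent)
            continue
        known = origin.get(ev.session_id)
        if known is None:
            severity = "review"    # token in use, but no login seen in this window
        elif (ev.ip, ev.user_agent) == known:
            continue               # same client that authenticated: expected
        elif ev.ip != known[0] and ev.user_agent != known[1]:
            severity = "high"      # new network and new browser: likely replay
        else:
            severity = "review"    # only one attribute changed (e.g. roaming)
        prev = alerts.get(ev.session_id)
        if prev is None or rank[severity] > rank[prev[1]]:
            alerts[ev.session_id] = (ev.user, severity)
    return sorted((sid, user, sev) for sid, (user, sev) in alerts.items())


if __name__ == "__main__":
    for alert in find_replayed_sessions(SAMPLE_EVENTS):
        print(alert)
```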

To protect yourself, you need to implement two-factor or multi-factor authentication, also called strong authentication (2FA and MFA); it is now a necessity that anyone should adopt on their accounts, whether personal or business. Finally, companies must review and continuously update their business processes to integrate security best practices.
