New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Security
Found On Dark Web: Beware Of Phishing – Hackers Are Finding New Ways To Bypass Two-Factor Authentication
Ravie Lakshmanan with The Hacker News reports:
A new phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy is being advertised on the criminal underground as a means for threat actors to bypass two-factor authentication (2FA) protections employed against online services.
“EvilProxy actors are using reverse proxy and cookie injection methods to bypass 2FA authentication – proxifying victim’s session,” Resecurity researchers said in a Monday write-up.
The platform generates phishing links that are nothing but cloned pages designed to compromise user accounts associated with Apple iCloud, Facebook, GoDaddy, GitHub, Google, Dropbox, Instagram, Microsoft, NPM, PyPI, RubyGems, Twitter, Yahoo, and Yandex, among others.
EvilProxy is similar to adversary-in-the-middle (AiTM) attacks in that users interact with a malicious proxy server that acts as a go-between for the target website, covertly harvesting the credentials and 2FA passcodes entered in the login pages.
It’s offered on a subscription basis per service for a time period of 10, 20, or 31 days, with the kit available for $400 a month and accessed over the TOR anonymity network after the payment is arranged manually with an operator on Telegram. Attacks against Google accounts, in contrast, cost up to $600 per month.
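A defender-side illustration of the session proxying and cookie injection described above, added here and not part of the quoted report or of Resecurity's write-up: a heuristic that flags a session cookie presented by a different client than the one that completed 2FA. The log format, field names, one-hour window and sample events are constructed assumptions.

```python
import json

# Constructed sample events (not real logs); field names are assumptions.
SAMPLE_LOG = """
{"ts": 1000, "event": "login_mfa_ok", "user": "alice", "session": "s-111", "ip": "198.51.100.7", "ua": "Chrome/104 Linux"}
{"ts": 1005, "event": "request", "user": "alice", "session": "s-111", "ip": "198.51.100.7", "ua": "Chrome/104 Linux"}
{"ts": 1090, "event": "request", "user": "alice", "session": "s-111", "ip": "203.0.113.50", "ua": "Firefox/103 Windows"}
{"ts": 1095, "event": "request", "user": "alice", "session": "s-111", "ip": "203.0.113.50", "ua": "Firefox/103 Windows"}
{"ts": 2000, "event": "login_mfa_ok", "user": "bob", "session": "s-222", "ip": "192.0.2.10", "ua": "Safari/15 macOS"}
{"ts": 2300, "event": "request", "user": "bob", "session": "s-222", "ip": "192.0.2.10", "ua": "Safari/15 macOS"}
{"ts": 3000, "event": "login_mfa_ok", "user": "carol", "session": "s-333", "ip": "192.0.2.77", "ua": "Chrome/104 Android"}
{"ts": 90000, "event": "request", "user": "carol", "session": "s-333", "ip": "192.0.2.99", "ua": "Chrome/104 Android"}
truncated-line-without-json
"""

def parse_events(text):
    """Parse JSON-lines events, skipping blank or malformed lines."""
    events = []
    for line in text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(event, dict):
            events.append(event)
    return sorted(events, key=lambda e: e["ts"])

def find_session_reuse(events, window=3600):
    """Flag sessions used by a client other than the one that completed MFA."""
    origin, seen, alerts = {}, set(), []
    for e in events:
        sid = e["session"]
        if e["event"] == "login_mfa_ok":
            origin[sid] = e          # remember which client established the session
            continue
        first = origin.get(sid)
        if first is None or e["ts"] - first["ts"] > window:
            continue                 # unknown session, or outside the post-login window
        changed = [f for f in ("ip", "ua") if e[f] != first[f]]
        key = (sid, e["ip"], e["ua"])
        if changed and key not in seen:
            seen.add(key)            # one alert per new client, not per request
            alerts.append({"user": e["user"], "session": sid, "changed": changed,
                           "seconds_after_login": e["ts"] - first["ts"]})
    return alerts

if __name__ == "__main__":
    for alert in find_session_reuse(parse_events(SAMPLE_LOG)):
        print(alert)
```

Only the constructed "alice" session is flagged; the "carol" event changes IP long after login and falls outside the window, which is where a real deployment would tune the threshold against roaming users.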