"It enabled thousands of cybercriminals to covertly access email and cloud-based service accounts. At scale, the platform generated tens of millions of phishing emails each month and facilitated unauthorized access to nearly 100,000 organizations globally, including schools, hospitals, and public institutions."
"The panel serves as a hub for configuring, tracking, and refining campaigns. It features pre‑built templates, attachment files for common lure formats, domain and hosting configuration, redirect logic, and victim tracking. Operators can also configure how the malicious content is delivered through attachments, as well as keep tabs on valid and invalid sign‑in attempts."
"The captured information, such as credentials, multi-factor authentication (MFA) codes, and session cookies, can be downloaded directly within the panel or forwarded to Telegram for near‑real‑time monitoring."
Tycoon 2FA was a subscription-based phishing kit that emerged in August 2023 and became one of the largest phishing operations worldwide. Priced from $120 for 10 days to $350 monthly, it provided cybercriminals with a web-based administration panel for configuring and tracking phishing campaigns. The platform featured pre-built templates, domain configuration, redirect logic, and victim tracking capabilities. Operators could capture credentials, MFA codes, and session cookies, downloading them directly or forwarding to Telegram for real-time monitoring. The toolkit generated tens of millions of phishing emails monthly and enabled unauthorized access to nearly 100,000 organizations including schools, hospitals, and public institutions. A coordinated law enforcement effort dismantled the operation by taking down 330 domains supporting the criminal service.
#phishing-as-a-service #credential-harvesting #law-enforcement-takedown #cybercrime-infrastructure #mfa-attacks
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]