In January 2024, Sekoia revealed the discovery of a phishing-as-a-service kit named Sneaky 2FA, aimed at Microsoft 365 accounts. It operates as an adversary-in-the-middle attack, intercepting communications between Microsoft devices and a phishing server. Distributed via Telegram by the threat actor service Sneaky Log, it incorporates about 100 domains and has been active since October 2024. The kit features a fake Microsoft authentication page, capturing user credentials. This ongoing evolution of phishing tactics underscores the shifting landscape within cybercrime, as criminal services migrate based on competitive factors.
Security researchers at Sekoia have detected a new phishing-as-a-service kit, Sneaky 2FA, that targets Microsoft 365 accounts, enhancing business email compromise attacks.
Collection
[
|
...
]