LogoKit Simplifies Office 365, SharePoint ‘Login’ Phishing Pages

2021-01-28 16:46

A newly-uncovered phishing kit, dubbed LogoKit, eliminates headaches for cybercriminals by automatically pulling victims' company logos onto the phishing login page.

These targeted services range from generic login portals to false SharePoint, Adobe Document Cloud, OneDrive, Office 365, and cryptocurrency exchange login portals.

Phishing kits are nothing new - however, LogoKit makes the deployment of phishing login pages even easier for cybercriminals.

In some cases attackers have been observed hosting their phishing pages on Google Firebase as part of the LogoKit attack.

While LogoKit has been found using these legitimate hosting services, researchers have also observed compromised web sites - many running WordPress - to be hosting LogoKit variants.

"The LogoKit presents a unique opportunity for attackers, allowing for easy integration into either existing HTML pretext templates or building simple login forms to mimic corporate login portals," said Castleman.

News URL

https://threatpost.com/logokit-simplifies-office-365-sharepoint-login-phishing-pages/163430/

#office #office365 #phishing #sharepoint