Security News > 2023 > August > Massive EvilProxy Phishing Attack Campaign Bypasses 2FA, Targets Top-Level Executives
New research from Proofpoint exposes a new massive credential phishing attack campaign aimed at top-level executives in more than 100 organizations worldwide.
This cybersecurity attack leverages the EvilProxy phishing kit and bypasses two-factor authentication.
Daniel Blackford, threat researcher at Proofpoint, told TechRepublic that EvilProxy is sold in underground forums and Telegram channels, and added that "The basic version of EvilProxy costs a few hundred dollars, but it depends on many parameters like: feature set, number of targeted users, etc."
The user lands on the EvilProxy phishing website, which in this campaign is a Microsoft login page functioning as a reverse proxy.
This attack campaign sent approximately 120,000 phishing emails to hundreds of targeted organizations worldwide between March and June 2023, with the goal to steal users' Microsoft 365 cloud credentials.
While the goal of this attack campaign remains unknown, this kind of attack generally leads to financial fraud or sensitive data exfiltration.
News URL
https://www.techrepublic.com/article/evilproxy-phishing-attack/
Related news
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)