Security News > 2023 > August > Massive EvilProxy Phishing Attack Campaign Bypasses 2FA, Targets Top-Level Executives

New research from Proofpoint exposes a new massive credential phishing attack campaign aimed at top-level executives in more than 100 organizations worldwide.
This cybersecurity attack leverages the EvilProxy phishing kit and bypasses two-factor authentication.
Daniel Blackford, threat researcher at Proofpoint, told TechRepublic that EvilProxy is sold in underground forums and Telegram channels, and added that "The basic version of EvilProxy costs a few hundred dollars, but it depends on many parameters like: feature set, number of targeted users, etc."
The user lands on the EvilProxy phishing website, which in this campaign is a Microsoft login page functioning as a reverse proxy.
This attack campaign sent approximately 120,000 phishing emails to hundreds of targeted organizations worldwide between March and June 2023, with the goal to steal users' Microsoft 365 cloud credentials.
While the goal of this attack campaign remains unknown, this kind of attack generally leads to financial fraud or sensitive data exfiltration.
News URL
https://www.techrepublic.com/article/evilproxy-phishing-attack/
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)