Security News > 2023 > August > Massive EvilProxy Phishing Attack Campaign Bypasses 2FA, Targets Top-Level Executives
New research from Proofpoint exposes a new massive credential phishing attack campaign aimed at top-level executives in more than 100 organizations worldwide.
This cybersecurity attack leverages the EvilProxy phishing kit and bypasses two-factor authentication.
Daniel Blackford, threat researcher at Proofpoint, told TechRepublic that EvilProxy is sold in underground forums and Telegram channels, and added that "The basic version of EvilProxy costs a few hundred dollars, but it depends on many parameters like: feature set, number of targeted users, etc."
The user lands on the EvilProxy phishing website, which in this campaign is a Microsoft login page functioning as a reverse proxy.
This attack campaign sent approximately 120,000 phishing emails to hundreds of targeted organizations worldwide between March and June 2023, with the goal to steal users' Microsoft 365 cloud credentials.
While the goal of this attack campaign remains unknown, this kind of attack generally leads to financial fraud or sensitive data exfiltration.
News URL
https://www.techrepublic.com/article/evilproxy-phishing-attack/
Related news
- New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)