EvilProxy Phishing-as-a-Service with MFA Bypass Emerged in Dark Web

Resecurity has identified a new underground service that allows cybercriminals to bypass 2FA authentication (MFA) authentication mechanisms on a large scale without the need to hack upstream services or the supply chain. EvilProxy actors are using Reverse Proxy and Cookie Injection methods to bypass 2FA authentication – proxyfying victim’s session

REFERENCE: https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web

TAGS: EvilProxy, Phishing, MFA Bypass, TOR

INDUSTRIES: E-Commerce, Financial

ATT&CK IDS: T1090 - Proxy, T1125 - Video Capture, T1566 - Phishing, T1040 - Network Sniffing

Read More:

https://otx.alienvault.com/pulse/63175332703dcba6367c4087