The Sneaky2FA phishing service has added a capability that lets attackers phish Microsoft account credentials more effectively: a technique known as Browser-in-the-Browser (BITB). Researchers from Push Security found this variant in active use, an alarming advance in phishing services. Such services are designed to make sophisticated attacks easier to carry out; they operate on platforms like Telegram and offer unauthorized access to tools and obfuscated source code.
The BITB functionality is particularly concerning because it lets attackers build a highly convincing façade that tricks users into believing they are interacting with a legitimate login page. After clicking a suspicious link, users are presented with a realistic authorization prompt that appears to come from a trusted source. The service also uses advanced evasion techniques to escape detection by security measures, including obfuscation that makes it difficult for traditional pattern-recognition systems to identify the phishing attempts. Rapidly changing domain names and URLs reinforce this evasion, making continuous detection a significant challenge.
👉 Read the original: Cyber Security News