Growing Number of Phish Kits Bypass MFA

Feb 3, 2022 12:00 pm Cyber Security 194

Growing Number of Phish Kits Bypass MFA

Phishing kits designed to circumvent multi-factor authentication (MFA) by stealing session cookies are increasingly popular on the cybercrime underground, security researchers at Proofpoint have warned.



After years of prompting by security teams and third-party experts, MFA finally appears to have reached a tipping point of user adoption. Figures from Duo Security cited by Proofpoint in a new blog today claim that 79% of UK and US users deployed some kind of second-factor authentication in 2021 versus 53% in 2019.



However, the threat landscape is changing as a result. Phishing kits offer a cheap-and-easy way for budding cyber-criminals to launch and monetize campaigns.



“In recent years, Proofpoint researchers have observed the emergence of a new type of kit that does not rely on recreating a target website. Instead, these kits use a transparent reverse proxy to present the actual website to the victim,” the firm explained.



“Modern web pages are dynamic and change frequently. Therefore, presenting the actual site instead of a facsimile greatly enhances the illusion an individual is logging in safely. Another advantage of the reverse proxy is that it allows the threat actor to man-in-the-middle (MitM) a session and capture not only the usernames and passwords in real-time, but also the session cookie.”



These cookies can then be used to access a targeted account without needing a username, password or MFA token.



Proofpoint has already noticed an uptick ..

Support the originator by clicking the read the rest link below.

growing number phish bypass
Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!