Phishing kits that can bypass MFA get intensified by criminals

February 24, 2022
Phishing Kits MFA Bypass Cybercriminals MFA 2FA Threat Actors Cybersecurity

Researchers noticed that threat actors had adjusted their phishing kits to bypass MFA securities by upgrading them. The growing number of organisations that employed an MFA security feature has made the threat actors look for diverse ways to avoid the feature.

The idea of MFA security originated in 1986 when it first took the form of RSA tokens. Since the initial introduction of MFA, it has become necessary to secure both business and consumer space.

According to the latest tally provided by an authentication solution, about 78% of survey participants had employed MFA or 2FA authentication in 2021. The adoption of MFA security has dramatically risen since, in 2017, only 28% of organisations have adopted the security function.

 

The MFA adoption grows its numbers each year. That is why threat actors are also constantly developing their phishing kits to continue their malicious activities.

 

As MFA moves forward and sees widespread adaptation, threat actors have upgraded their phishing kits to bypass the security feature and grow their numbers.

Researchers found over a thousand phishing toolkits that can intercept 2FA codes. Although these toolkits are distributed in the wild, experts in Europe and North America have discovered most of them.

Moreover, a researcher stated that the emergence of a new strain of phishing toolkits utilised a transparent reverse proxy to take their victims to an almost legitimate-looking malicious website. As a result, this phishing kit could enable threat actors to deploy a MitM attack and steal usernames and passwords along with cookies.

The actors can also utilise the stolen session cookies to access targeted accounts without an MFA token.

As more firms and organisations adopt layered security functionalities such as MFA, threat actors will also develop new TTPs to bypass the MFA. Cybersecurity experts advise organisations to deal with every loophole that a phishing kit can exploit before upgrading into a new, unexpected evolution.

About the author

Leave a Reply