Abnormal Security has released its latest blog reporting on how cybercriminals use Evilginx to bypass multi-factor authentication (MFA) in attacks targeting Gmail, Outlook, Yahoo, and more.
Evilginx, a tool commonly used in phishing attacks, operates as a middleman between users and legitimate websites. It intercepts and manipulates traffic, allowing cybercriminals to steal login credentials, session cookies, and other sensitive information.
Attackers typically configure Evilginx to mimic high-value targets such as online banking portals, cloud service providers, email platforms, and social media sites. These sites often rely on MFA as a security measure, and the tool offers a way to bypass that protection.
Abnormal shows a custom price list for these configurations, including brands/services (LinkedIn, Intuit, Telegram, GitHub, Airbnb, and the previously mentioned email platforms), price, website, login URL, and details. Evilginx has also become a service that cybercriminals sell to each other.
Abnormal Security’s research team demonstrates:
- Why Evilginx has become a valuable tool for cybercriminals involved in phishing campaigns
- What is the potency of the tool in real-world cyber espionage and nation-state-sponsored hacking
- How organizations can protect themselves against AiTM Attacks
You can read the blog entry here.
Like this:
Like Loading...
Related
This entry was posted on September 19, 2024 at 8:57 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Cybercriminals Use Evilginx To Bypass MFA… Gmail, Outlook, Yahoo Among Top Targets
Abnormal Security has released its latest blog reporting on how cybercriminals use Evilginx to bypass multi-factor authentication (MFA) in attacks targeting Gmail, Outlook, Yahoo, and more.
Evilginx, a tool commonly used in phishing attacks, operates as a middleman between users and legitimate websites. It intercepts and manipulates traffic, allowing cybercriminals to steal login credentials, session cookies, and other sensitive information.
Attackers typically configure Evilginx to mimic high-value targets such as online banking portals, cloud service providers, email platforms, and social media sites. These sites often rely on MFA as a security measure, and the tool offers a way to bypass that protection.
Abnormal shows a custom price list for these configurations, including brands/services (LinkedIn, Intuit, Telegram, GitHub, Airbnb, and the previously mentioned email platforms), price, website, login URL, and details. Evilginx has also become a service that cybercriminals sell to each other.
Abnormal Security’s research team demonstrates:
You can read the blog entry here.
Share this:
Like this:
Related
This entry was posted on September 19, 2024 at 8:57 am and is filed under Commentary with tags Abnormal Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.