It appears that Gmail and Microsoft 365 accounts are in danger because of a newly discovered phishing kit that could put your accounts in a lot of danger. Now, most of our accounts are protected by two-factor authentication, and for the most part, it is one of the safest ways to prevent anything wrong from happening to your account. However, Tycoon 2FA, which is a new adversary in the middle, is now a threat to both of the aforementioned accounts.
Gmail, Microsoft 365, and possibly other accounts are in danger thanks to the new Tycoon 2FA attack
The kit is said to be linked with the Tycoon 2FA Phishing-as-a-service (PhaaS) platform. Now, hackers have obtained this kit, and they are targeting Microsoft 365 and Gmail accounts. If you are someone who is not always vigilant about phishing attacks, you can easily fall victim to one of these attacks. Therefore, you are advised to be more careful than before.
The attack targeting Gmail and Microsoft 365 accounts was discovered by the Sekoia Threat Detection & Research team. Tycoon 2FA works as a Phishing-as-a-Service platform that garnered fame in private Telegram channels, and it uses the Adversary-in-the-Middle phishing kit. Using this kit, a reverse proxy server hosts the phishing page, and once that is done, actual services then relay the credentials.
So, how is the Tycoon 2FA so successful so far? Well, the attack starts when you receive an email with a QR code or website that redirects you to the phishing website, and once you interact with the link or the QR code, this triggers the Cloudflare security check that websites use when it comes to handling unwanted traffic, and since these security checks are a lot more common, people don't pay much attention to these and just ignore, all the time.
Once you, the victim, have completed the security challenge, you will then be taken to a fake Microsoft page that will take your credentials. The kit will then go ahead and even bring up a fake 2FA prompt on your phone, and from that point, it is too late, and there is not much you can do> The same works for Gmail accounts or any other account that is being targeted at the moment.
Protecting yourself from phishing attacks is something that you have to be always certain about. There are attacks happening every day and, sometimes, faster than we can even imagine, and things can get a lot trickier. Especially once you are in the crosshair. I know someone who had become a permanent fixture for the hackers, with their accounts being hacked numerous times despite trying everything to protect the accounts. So, it is best that you are being as careful
