Microsoft user accounts are the prime target of these campaigns, as target Microsoft 365 (O365) login pages. One distinguishable Cybersecurity researchers at Trustwave have discovered "Rockstar 2FA," a phishing-as-a-service platform designed to help hackers and script Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users
Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. From Rockstar2FA to FlowerStorm: Investigating a Blooming
New Rockstar 2FA phishing service targets Microsoft 365 accounts How to Defend Against Rockstar 2FA Bypass Attacks Targeting Sneaky 2FA: New Phishing-as-a-Service targets Microsoft 365, leveraging sophisticated evasion techniques and a Telegram-based platform to steal credentials.
Report Identifies Rise in Phishing-as-a-Service Attacks -- Campus in malicious e-mail campaigns leveraging Rockstar 2FA, a phishing-as-a-service (PhaaS) toolkit designed to steal Microsoft 365 credentials. Rockstar 2FA' has emerged, facilitating large-scale adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials.
Phishing-as-a-Service Rockstar 2FA continues to be prevalent Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA FlowerStorm is a phishing-as-a-service platform that leverages Adversary-in-the-Middle attacks to steal Microsoft 365 credentials and bypass MFA.
Rockstar 2FA is a phishing-as-a-service kit targeting Micorosft and Google services Microsoft 365. In some instances, users may be Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)
"This campaign employs an AiTM attack, allowing attackers to intercept user credentials and session cookies, which means that even users with Telegram-Based "Sneaky 2FA" Phishing Kit Targets Microsoft 365 New Rockstar 2FA Phishing-as-a-Service Kit Targets Microsoft 365
How Rockstar 2FA Phishing Kit Targets Microsoft 365 Accounts