Thousands of phishing toolkits have been identified that can intercept 2FA security codes and bypass security, according to a team of researchers. Hackers can intercept 2FA verification processes using a variety of phishing techniques.
The rise of phishing toolkits
In recent years, man-in-the-middle (MitM) phishing toolkits have grown in popularity.
Over 1,200 toolkits were discovered to be in use, according to the researchers. The rise in popularity appears to be related to IT companies making 2FA the default security option.
Attackers are using new tools to steal users’ authentication cookies, which are files created in a web browser whenever a person logs into an account after completing the two-factor authentication process.
In the majority of cases, the attackers used a form of infostealer to steal authentication cookie files from machines.
Another method, known as MitM, involves intercepting authentication cookies as they travel from the service provider to the user’s device. This does not necessitate the use of malware to infect a machine.
According to reports, attackers are steadily improving their previous phishing toolkits to include a wider range of approaches.
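Both routes described above end with a post-2FA cookie being used by someone other than the client that earned it. The following added example (not from the researchers or any toolkit) shows one server-side check for that; the event names, tuple layout and sample log are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events (not from the article):
# (event, session_id, client_ip, user_agent) as a web application might log them.
SAMPLE_EVENTS = [
    ("2fa_ok",  "s1", "198.51.100.10", "Firefox/121 Linux"),
    ("request", "s1", "198.51.100.10", "Firefox/121 Linux"),
    ("2fa_ok",  "s2", "203.0.113.7",   "Chrome/120 Windows"),
    ("request", "s2", "203.0.113.7",   "Chrome/120 Windows"),
    ("request", "s2", "192.0.2.55",    "python-requests/2.31"),  # cookie seen elsewhere
    ("request", "s3", "192.0.2.80",    "Chrome/120 Windows"),    # no 2FA event on record
]

def find_suspect_sessions(events):
    """Return {session_id: [reasons]} for sessions whose cookie is used
    outside the client context that completed two-factor authentication."""
    issued = {}                    # session_id -> (ip, user_agent) at 2FA completion
    findings = defaultdict(list)
    for event, sid, ip, ua in events:
        if event == "2fa_ok":
            issued[sid] = (ip, ua)  # remember where the cookie was issued
            continue
        if sid not in issued:
            findings[sid].append("session used without a recorded 2FA completion")
            continue
        orig_ip, orig_ua = issued[sid]
        if ua != orig_ua:
            findings[sid].append(f"user agent changed: {orig_ua!r} -> {ua!r}")
        if ip != orig_ip:
            findings[sid].append(f"client IP changed: {orig_ip} -> {ip}")
    return dict(findings)

if __name__ == "__main__":
    for sid, reasons in find_suspect_sessions(SAMPLE_EVENTS).items():
        print(sid, "; ".join(reasons))
```

An IP change alone also occurs on mobile networks, so treat these findings as signals for re-authentication rather than proof. In the MitM case the 2FA completion itself arrives from the proxy, so this check catches later reuse of the cookie from a different context, not the phishing session itself.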
MitM vs. real-time phishing
Furthermore, the majority of these MitM phishing toolkits in use by attackers are based on tools created by security researchers, such as Evilginx, Modlishka, and Muraena.
Phishing toolkits are becoming more widely used and popular among cybercriminals. These toolkits are simple to use, and most of them are free. Vulnerable enterprises, on the other hand, can employ a reverse proxy and a tool called PHOCA to identify a phishing site.