👾 #Sneaky2FA is a #phishing kit that beats corporate 2FA and steals Microsoft 365 credentials. Equipped with evasion mechanisms, it can bypass detection.

Learn to catch it and gather fresh #IOCs: https://any.run/malware-trends/sneaky2fa/?utm_source=mastodon&utm_medium=post&utm_campaign=sneaky2fa&utm_content=tracker&utm_term=160625

🎣 Leveraging our telemetry and proactive hunting, we ranked the most widespread AitM phishing kits - #Tycoon2FA, #Storm1167, #NakedPages, #Sneaky2FA, and more.

Additionally, the article includes summary sheets covering 11 AitM phishing kits.

🚨 New Threat Alert: #Sneaky2FA PhaaS targets Microsoft 365, leveraging AiTM phishing, anti-bot features, and Telegram-based operations. Real-time credential theft + session hijacking = 🚩.

Read: https://hackread.com/telegram-sneaky-2fa-phishing-kit-microsoft-365-accounts/

#CyberSecurity #Phishing #Microsoft365 #Telegram #Scam

El nuevo kit de #phishing #Sneaky2FA se dirige a cuentas de #Microsoft365 con omisión de códigos #2FA
https://blogs.masterhacks.net/noticias/hacking-y-ciberdelitos/el-nuevo-kit-de-phishing-sneaky-2fa-se-dirige-a-las-cuentas-de-microsoft-365-con-omision-de-codigo-2fa/

🔍 TDR analysts discovered a new Adversary-in-the-Middle (#AiTM) #phishing kit, specifically targeting Microsoft 365 accounts and circumventing 2-step verification: Sneaky 2FA

https://blog.sekoia.io/sneaky-2fa-exposing-a-new-aitm-phishing-as-a-service/

#detection #sneaky2fa