[MART] - Daily Diary #553 - AiTM Phishing Campaign Avoids Multifactor Authentication

CTAS-MAT ctas-mat at appgate.com
Fri Jul 15 20:21:13 UTC 2022


Hello,

I hope everyone is doing well!

Below is the entry for today.

07/15/2022 - Diary entry #553:

It was recently revealed a phishing campaign that hijacks session cookies, steals credentials, and bypasses Multi-Factor Authentication (MFA) attempted to target over 10,000 organizations.  Active since September 2021, its objective is to use victims' mailboxes to launch Business Email Compromise (BEC) attacks against other targets.

Based on the use of Adversary-in-The-Middle (AiTM) phishing sites, the threat actor implements a proxy server that sends HTTP packets between a targeted user and the website the user wishes to visit. Then, the attacker steals and intercepts the target's password and session cookie. If MFA has already been used to log in, the attacker can bypass the need for MFA and log in again later using the stolen password to perform fraudulent actions.

In response to MFA, attackers improved their techniques and started to use the AiTM to bypass it. However, MFA is still very effective and it should be complemented with other security measures.

Kind Regards,

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>



Felipe Tarijon de Almeida
Malware Analyst
Appgate

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220715/7f771114/attachment.htm>


More information about the MART mailing list