Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
Trustwave SpiderLabs has been monitoring the rise of Phishing-as-a-Service (PaaS) platforms, focusing on a kit named 'Rockstar 2FA' linked to widespread adversary-in-the-middle (AiTM) phishing attacks. The campaign, targeting Microsoft user accounts, employs car-themed web pages and has seen a significant increase since August 2024. Rockstar 2FA, an updated version of the DadSec/Phoenix kit, operates under a PaaS model and offers features like 2FA bypass, cookie harvesting, and antibot protection. The attacks use various email delivery mechanisms and themes to bypass traditional filters, affecting users across multiple sectors and regions.
OPENCTI LABELS :
microsoft 365,aitm,dadsec,phishing-as-a-service,rockstar 2fa
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)