Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
This analysis explores the Rockstar 2FA phishing-as-a-service kit, focusing on real-world email campaign examples. It highlights various techniques used by attackers, including the abuse of legitimate services for FUD (Fully Undetectable) links, such as Microsoft OneDrive, OneNote, Dynamics 365, Atlassian Confluence, and Google Docs Viewer. The use of QR codes in phishing attempts and the insertion of stolen email threads to inflate message size are also discussed. The article emphasizes the multi-stage nature of these attacks and the importance of caution when dealing with emails sent through trusted platforms.
OPENCTI LABELS :
phishing,email campaigns,phishing-as-a-service,rockstar
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)