Onion Information

Page Clicks: 0

First Seen: 03/12/2024

Last Indexed: 10/23/2024

Domain Index Total: 101

cybercrime news Iris Green Writer Phishing-as-a-Service introduced, enabling criminals to create convincing phishing pages May 22, 2023 (Updated: July 18, 2023 ) Cybercriminals have been using an innovative phishing-as-a-service (PhaaS or PaaS) platform named Greatness to target business users of Microsoft's 365 cloud service since at least mid-2022. This platform has significantly simplified phishing attacks, making them more accessible to a wider range of attackers. Cisco Talos researcher Tiago Pereira reveals that Greatness primarily focuses on Microsoft 365 phishing pages and offers affiliates an attachment and link builder to create highly convincing decoy and login pages. These pages have features such as the victim's email address pre-filled, along with the appropriate company logo and background image extracted from the target organization's genuine Microsoft 365 login page. Notably, manufacturing, healthcare, and technology entities located in the U.S., the U.K., Australia, South Africa, and Canada have been the main targets of Greatness campaigns. There has been a surge in activity detected in December 2022 and March 2023. Phishing kits like Greatness provide threat actors, regardless of their level of expertise, with a cost-effective and scalable solution for designing convincing login pages associated with various online services. These kits can also bypass two-factor authentication (2FA) protections. The decoy pages, which appear authentic, function as reverse proxies to harvest credentials and time-based one-time passwords (TOTPs) entered by victims. Typically, the attack begins with malicious emails containing HTML attachments. Upon opening the attachment, obfuscated JavaScript code is executed, redirecting the user to a landing page. This landing page is personalized with the recipient's email address already filled in and prompts the user to enter their password and MFA (multi-factor authentication) code. The entered credentials and tokens are then sent to the affiliate's Telegram channel, enabling unauthorized access to the compromised accounts. The AiTM phishing kit also includes an administration panel, empowering affiliates to configure the Telegram bot, keep track of stolen information, and even create booby-trapped attachments or links. Each affiliate must possess a valid API key to load the phishing page, which also acts as a protective measure against unwanted IP addresses and facilitates covert communication with the actual Microsoft 365 login page by masquerading as the victim. Working together, the phishing kit and the API execute a 'man-in-the-middle' attack, where information is extracted from the victim and immediately submitted to the legitimate login page in real-time. This enables the PaaS affiliate to steal usernames, passwords, and authenticated session cookies, particularly when the victim is using MFA. These findings coincide with Microsoft's efforts to enhance 2FA protections and counter prompt bombing attacks. Starting from May 8, 2023, Microsoft has implemented number matching in Microsoft Authenticator push notifications. Some similar articles you may like! Iris Green July 19, 2023 Wormgpt - Chatgpt Rival With 'No Ethical Boundaries', Sold On The Dark Web Researchers have warned about an AI tool called WormGPT, which has "no ethical boundaries or limitations" and is being advertised on the dark web for use in hac... cybercrime news Darknet Markets Top darknet markets, feel free to explore. Purchase at your own risk, but we don't encourage. Ares Market Mgm Grand Market Archetyp Market Drug Hub Market Super Market Omg!Omg! Market (Ru) Cypher Market Dark Matter Market Abacus Market More darknet markets Vendor Stores Some known vendors who run their own dark web stores. Smackers Vendor Shop Gammagoblin Heineken Express More vendor stores Search Engines Can't find what you're looking for? Maybe try one of the search engines. Tordex Torch Venus More search engines Forums Reach out to members of the darknet community and improve your research thru these forums. Dread Libre More forums Popular Top 8 Darknet Markets Mgm Grand Market Ares Darknet Market Omg!Omg! Darknet Market