Tech

Explained: How this phishing platform is helping amateur hackers bypass multi-factor authentication


Phishing-as-a-Service (PaaS) reverse proxy platform, named – EvilProxy reported to support newbies hacker to steal the auth token that will help them get past multi-factor authentication (MFA) on major sites like Apple, GoogleFacebook, Microsoft, Twitter and more. According to a report by a US-based cybersecurity company SecurityThe EvilProxy platform is also helping “low-skilled” cyber attackers who don’t even know how to set up a reverse proxy to compromise secured online accounts.
What are reverse proxies?
Reverse proxies are hidden servers between a user and a legitimate authentication endpoint (e.g. a corporate login form). Whenever a user is attacked by such a phishing site, the reverse proxy displays a legitimate login form, forwards the requests and returns a response from the company’s website so that the user is less suspicious. more doubtful. Furthermore, when the victim enters their credentials and MFA into the phishing page, they are even forwarded to the actual server of the company, so that the user can log in without any reason. no worries and the session cookie is returned.
However, it’s important to note that a hacker’s proxy is hiding between the user and the company’s servers, and it can also steal session cookies that contain authentication codes. The hacker then uses this authentication cookie to log into the website by impersonating the user and can even bypass the configured multi-factor authentication protections.

How is EvilProxy different from other phishing frameworks?
EvilProxy is said to allow hackers to set up and manage phishing campaigns that are also much easier to deploy. Furthermore, the platform even offers detailed video tutorials, a user-friendly graphical interface, and a list of cloned phishing sites for popular internet services.
Hackers can pay $400 for a month-long campaign on the platform that promises to steal usernames, passwords, and session cookies. Furthermore, the report also shared videos demonstrating how EvilProxy stole data from Google and Microsoft 2FA accounts. In addition, EvilProxy is also rumored to provide various tools to filter out unwanted visitors on platform-hosted phishing websites.

Many hackers are now turning to reverse proxy tools as MFA adoption continues to increase, and the availability of platforms that automate everything for these attackers is not good news for professionals. security experts, network administrators, and most importantly, end users.





Source link

news7f

News7F: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button