Did you know Hackers Expose Shocking 2FA Flaw: Are Your Microsoft Accounts at Risk?

 

French cybersecurity experts are raising the alarm against a new sneaky 2FA attack that targets Microsoft 365 accounts.

The matter has to do with a cybercrime unit dubbed Sneaky Log that was involved in selling phishing kits called Sneaky 2FA. This can target users on Microsoft by stealing sensitive credentials and bypassing any kind of 2FA protections along the way.

Researchers from the cybersecurity company Sekoia shared a new report warning more about this kit and how it operates through bots using Telegram and targeting Microsoft users.

Customers report getting access to obfuscated variants of different source codes and opt to use them independently. All the phishing pages get hosted on a compromised interface that entails WordPress websites and a host of different domains that are in the control of attackers. 

 It costs nearly $200 each month and sales teams from Sneaky Log put out reductions that bring expenses down based on how long the subscription is in use. The kits are very similar to others in the industry. They harvest frequent attacks so that authentication arises to make it all seem genuine. Threat actors even hide the Microsoft web pages in the background to prevent anyone from getting a hint of login authenticity.

Some sneaky bits that users need to be mindful of include ways to populate email IDs belonging to victims, evading detection via Cloudflare Turnstile, and redirecting security tools to other platforms like Wikipedia.

The fact that it uses traffic filters and guardrails to prevent detection is a point worth pondering. It convinces users that everything is real by hosting on the compromised interface without users knowing through convincing login forms that are pre-populated from the start. It all adds to increased deception.

Thankfully, there are ways to be safe including restricting access and curtailing damage for the future by organizations. This combined with robust password managers can ensure users’ credentials remain safe and stored correctly. It also rids getting exposed to phishing campaigns.

As per security researchers, using password managers is your best means to ensure safety as it stops you from adding sensitive credentials to spoofed pages. Only those confirmed to be authentic will be shown by the manager.