A new hacking tool is said to defeat any Set up security protections and get access to some of the world’s most popular websites, according to reports.
The ilProxy tool, the operator behind Ev, said it was able to steal the information needed to bypass multi-factor authentication (MFA) systems used by companies including Apple, Google, Facebook, Microsoft, and Twitter authentication token.
The service is particularly concerning, as it promises to make such attacks accessible to all hackers, even those who may not have what it takes to attack such prominent targets The precise skill or knowledge of a hacker. Phishing Threat
This tool was approved by the security company ResecurityFound(Opens in a new tab), which states that EvilProxy (also known as Moloch) is a reverse proxy phishing-as-a-service (PaaS) platform that advertises on the dark web.
It offers the ability to steal usernames, passwords, and session chefs i.e. $150 for ten days and $150 for 20 days $250, or $400 for a month-long campaign — although attacks against Google cost more at $250, $450, and $600, respectively. A reverse proxy is usually between a website and some form of online authentication endpoint (such as a login page). EvilProxy uses phishing lures to trick victims into taking them to a legitimate page asking them to enter their login credentials and MFA information. This data is then sent to the intended legitimate website, logging them in, and a session cookie containing an authentication token is generated, which is sent to the victim.
However, this then, cookies and authentication tokens can be stolen by reverse proxies, which, as mentioned earlier, are located between the user and between legitimate websites. An attacker can then use this token to log into the site posing as the victim without having to re-enter information during the MFA process.
And security considerations From the cleverness of the attack itself, it’s easier to deploy than other man-in-the-middle (MITM) attacks, and EvilProxy’s is different The point is its user-friendly approach. Upon purchase, customers will receive detailed instructional videos and tutorials on how to use the tool, which has a clear and open graphical interface where users can set up and manage their phishing campaigns. It also provides an existing library of cloned phishing pages for popular internet services, along with the names mentioned above, including GoDaddy, GitHub, Dropbox , Instagram, Yahoo and Yandex, etc.
“While EvilProxy’s sale requires scrutiny, cybercriminals now have a cost-effective and scalable solution to perform advanced phishing attacks to Compromise consumers of popular online services by enabling MFA,” Resecurity noted.
“The presence of such services on the dark web will lead to a significant increase in ATO/BEC activity and cyber-attacks against end-user identities, with MFA It can be easily bypassed with the help of tools like EvilProxy.”
These are the best firewalls
(opens in new tab) is now available
via BleepingComputer (in a new tab Open)
Mike Moore is Associate Editor of TechRadar Pro. He has worked as a B2B and B2C technology reporter for nearly a decade, including at one of the UK’s leading national newspapers and future headline ITProPortal, and when he’s not keeping track of all the latest corporate and workplace trends, he’s likely to be found watching, following or Participate in some kind of sport.
