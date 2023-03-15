Several high-volume phishing campaigns involving millions of emails have been conducted with the use of an open-source adversary-in-the-middle phishing kit developed by the DEV-1101 threat operation, The Hacker News reports. Microsoft Threat Intelligence researchers discovered that since its emergence last May, the open-source phishing kit with the capability to establish Microsoft Office and Outlook impersonating pages, allow mobile campaign management, and permit CAPTCHA checks, has been updated to enable the use of a Telegram bot for server management. Phishing emails delivered using the kit contain a PDF document link that redirects to a Microsoft sign-in portal-spoofing website and lures victims into completing CAPTCHA verification. "Inserting a CAPTCHA page into the phishing sequence could make it more difficult for automated systems to reach the final phishing page, while a human could easily click through to the next page," said Microsoft, which urged the use of FIDO2 security keys and other phishing-resistant authentication to curb attacks.