High-volume attacks facilitated by open-source AiTM phishing kit

Several high-volume phishing campaigns involving millions of emails have been conducted using an open-source adversary-in-the-middle (AiTM) phishing kit developed by the DEV-1101 threat operation, The Hacker News reports. Microsoft Threat Intelligence researchers discovered that since its emergence last May, the open-source phishing kit, which can set up pages impersonating Microsoft Office and Outlook, supports mobile campaign management, and permits CAPTCHA checks, has been updated to enable the use of a Telegram bot for server management. Phishing emails delivered using the kit contain a link to a PDF document that redirects to a website spoofing the Microsoft sign-in portal and lures victims into completing CAPTCHA verification. "Inserting a CAPTCHA page into the phishing sequence could make it more difficult for automated systems to reach the final phishing page, while a human could easily click through to the next page," said Microsoft, which urged the use of FIDO2 security keys and other phishing-resistant authentication to curb attacks.
