Phishing, Threat Intelligence, Identity

Advanced stealthy Astaroth phishing kit emerges


Hackread reports that login credentials for Microsoft, Gmail, Yahoo, and other authentication services are being targeted by the newly emergent Astaroth phishing kit, which leverages an evilginx-style reverse proxy to enable man-in-the-middle attacks while evading two-factor authentication.

Intrusions with Astaroth involve the distribution of malicious links redirecting to a seemingly legitimate website luring targets into providing their login credentials, which are later pilfered, an analysis from SlashNext revealed. Aside from circumventing headless detection and facilitating account credential and cookie exfiltration, Astaroth — which is being peddled for $2,000 on Telegram — also offers bulletproof hosting and half a year's worth of support and updates for its users. Astaroth "shows an alarming amount of sophistication. All the usual defenses and things to look out for that we train users on are harder to spot with this attack. Having the infrastructure running on providers who don't cooperate with law enforcement will make it more difficult to take down these malicious actors," said Black Duck Principal Consultant and Network and Red Team Practice Director Thomas Richards.
