Email security, Vulnerability Management

High-volume attacks facilitated by open-source AiTM phishing kit

Several high-volume phishing campaigns involving millions of emails have been conducted using an open-source adversary-in-the-middle (AiTM) phishing kit developed by the DEV-1101 threat operation, The Hacker News reports. Microsoft Threat Intelligence researchers discovered that the kit, which emerged last May and can set up pages impersonating Microsoft Office and Outlook, manage campaigns from mobile devices, and add CAPTCHA checks, has since been updated to enable server management through a Telegram bot. Phishing emails delivered using the kit contain a PDF document link that redirects to a website spoofing the Microsoft sign-in portal and lures victims into completing CAPTCHA verification. "Inserting a CAPTCHA page into the phishing sequence could make it more difficult for automated systems to reach the final phishing page, while a human could easily click through to the next page," said Microsoft, which urged the use of FIDO2 security keys and other phishing-resistant authentication to curb attacks.
