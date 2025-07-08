Identity-related cyberattacks totaled 19,000 from 2024 to the first three months of 2025, representing a 156% increase over 2023, according to Infosecurity Magazine.
Mounting adoption of the Tycoon 2FA phishing-as-a-service platform has fueled such growth, with the tool having more users than the EvilProxy and Sneaky 2FA PhaaS platforms during the first five months of 2025, a report from eSentires Threat Response Unit revealed. Tycoon 2FA, which could be availed for $200-$300 per month, has been leveraged by threat actors for business email compromise campaigns. Information-stealing malware, which has a lower barrier to entry, has also facilitated increased identity-based cyber intrusions, with payloads like the Lumma Stealer enabling the compromise of email, banking, password manager, crypto wallet, browser extension, and VPN credentials for at least $10. Identity-based intrusions are only expected to increase due to their highly lucrative nature, prompting researchers to recommend the implementation of zero-trust, phishing-resistant authentication, and real-time access monitoring measures.
Mounting adoption of the Tycoon 2FA phishing-as-a-service platform has fueled such growth, with the tool having more users than the EvilProxy and Sneaky 2FA PhaaS platforms during the first five months of 2025, a report from eSentires Threat Response Unit revealed. Tycoon 2FA, which could be availed for $200-$300 per month, has been leveraged by threat actors for business email compromise campaigns. Information-stealing malware, which has a lower barrier to entry, has also facilitated increased identity-based cyber intrusions, with payloads like the Lumma Stealer enabling the compromise of email, banking, password manager, crypto wallet, browser extension, and VPN credentials for at least $10. Identity-based intrusions are only expected to increase due to their highly lucrative nature, prompting researchers to recommend the implementation of zero-trust, phishing-resistant authentication, and real-time access monitoring measures.