Last month's takedown of over 300 active domains used by the Tycoon 2FA phishing-as-a-service platform, which was once the most prolific PhaaS kit, has prompted threat actors to transfer to the Mamba 2FA, Sneaky 2FA, and EvilProxy platforms that have since integrated Tycoon 2FA's tools, according to SecurityWeek.Intrusions harnessing the four phishing kits have increased from nearly 20 million to more than 23 million despite the dismantling of Tycoon 2FA, with Mamba and EvilProxy accounting for most of the attacks, findings from a Barracuda Networks report revealed. Aside from being akin to open-source software that allows code reuse, alterations, and redeployment, PhaaS kits also feature inherent redundancy and persistent access that make them more resistant to detection and disruption."This does not mean the takedown operation failed. Rather, it shows what happens when disruption hits a maturing underground economy, and why security defenses need to look more broadly than individual players," said Barracuda.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds