A new phishing-as-a-service tool called Rockstar 2FA is targeting Microsoft 365 users with sophisticated adversary-in-the-middle (AiTM) attacks, allowing hackers to bypass two-factor authentication (2FA).
The service, offered for $200 to $350, helps cybercriminals launch large-scale phishing campaigns without technical skills. It employs legitimate services to host phishing links and includes features like session cookie harvesting and antibot protection. Researchers are warning that even with 2FA, users remain vulnerable to these advanced tactics.
Stay vigilant, and update your security measures!
The service, offered for $200 to $350, helps cybercriminals launch large-scale phishing campaigns without technical skills. It employs legitimate services to host phishing links and includes features like session cookie harvesting and antibot protection. Researchers are warning that even with 2FA, users remain vulnerable to these advanced tactics.
Stay vigilant, and update your security measures!