Hackers have begun adapting to wider use of multi-factor authentication

Proofpoint researchers have found that “phish kits” available for purchase online are beginning to adapt to MFA by adding transparent reverse proxies to their list of tools.

Image: Adobe Stock/profit_image

Security researchers at Proofpoint are warning of a new threat that’s only likely to become more serious as time goes on: Hackers who publish phishing kits are beginning to add multi-factor authentication bypassing capabilities to their software.

Proofpoint said that a recent study from MFA company Duo found that, as of 2021, 78% of people have or do use MFA, compared to just 28% in 2017. That rapid increase surely ruffled some cybercriminal feathers in the past few years, but that hardly means they’re down for the count. If anything, enterprising hackers are motivated by a challenge like the one posed by MFA, and Proofpoint seems to have evidence that they’ve succeeded.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

According to Aimei Wei, founder and CTO of Stellar Cyber, the man-in-the-middle phishing technique that has evolved to combat MFA “is already out there and happening. Consumers as well as enterprise users are already being targeted.”

The evolution of phishing by proxy

Traditionally, Proofpoint said in its report, phishing kits available for sale online range from “simple open-source kits with human readable code and no-frills functionality to sophisticated kits utilizing numerous layers of obfuscation and built-in modules that allow for stealing usernames, passwords, MFA tokens, social security numbers and credit card numbers.” The way they typically do that is to recreate a target website, like a login page, in the hopes of tricking unaware users.

See also  How synthetic data will power the future of AI

With MFA in the mix, fake pages are rendered useless: While an attacker may have a username and password, the second factor remains out of reach. Enter what Proofpoint calls “a new kind of kit” that, instead of recreating a page, uses a transparent reverse proxy to act as a man-in-the-middle. By intercepting all the traffic between a victim and their destination server, these transparent proxy MitM attacks allow the user to carry on without ever knowing that their credentials, and their session cookie, have been stolen.

In addition to allowing an attacker to hijack credentials and MFA codes, Proofpoint said that this new technique also gives attackers more staying power. “Modern web pages are dynamic and change frequently. Therefore, presenting the actual site instead of a facsimile greatly enhances the illusion an individual is logging in safely,” the report said.

Proofpoint noted that there are three phish kits that have emerged as the big players in the transparent reverse proxy MitM sphere: Modlishka, Muraena/Necrobrowser and Evilginx2. All have different capabilities making them better suited to certain purposes, but they also have a big feature in common: They were created for legitimate purposes, like penetration testing.

SEE: Google Chrome: Security and UI tips you need to know (TechRepublic Premium)

“Although online services may utilize [any of those three tools] to stop phishing attempts as they occur, with the ever increasing online services that enterprises are using today, it is hard to make sure that [every vendor] has this protection in place,” Wei said.

Both Wei and Proofpoint warn that transparent proxy MitM phishing attacks are only going to grow as more businesses adopt MFA. Basically, it’s a bad idea to rely on multiple authentication factors as the only insurance against stolen accounts.

See also  Live video is a pain for developers to deliver. Mux hopes to change that.

Noting that Google began requiring MFA for all of its users, Proofpoint said that as more organizations, both enterprises and consumer-facing ones, adopt similar technology, hackers will be more motivated to turn to cheap, ready-to-use, hosted malware solutions.

“They are easy to deploy, free to use and have proven effective at evading detection. The industry needs to prepare to deal with blind spots like these before they can evolve in new unexpected directions,” Proofpoint said.

Source link

© 2022, Admin. All rights reserved.

istanbul escort aksaray escort arnavutköy escort ataköy escort avcılar escort avcılar türbanlı escort avrupa yakası escort bağcılar escort bahçelievler escort bahçeşehir escort bakırköy escort başakşehir escort bayrampaşa escort beşiktaş escort beykent escort beylikdüzü escort beylikdüzü türbanlı escort beyoğlu escort büyükçekmece escort cevizlibağ escort çapa escort çatalca escort esenler escort esenyurt escort esenyurt türbanlı escort etiler escort eyüp escort fatih escort fındıkzade escort florya escort gaziosmanpaşa escort güneşli escort güngören escort halkalı escort ikitelli escort istanbul escort kağıthane escort kayaşehir escort küçükçekmece escort mecidiyeköy escort merter escort nişantaşı escort sarıyer escort sefaköy escort silivri escort sultangazi escort suriyeli escort şirinevler escort şişli escort taksim escort topkapı escort yenibosna escort zeytinburnu escort porno 1080p porno izle 4k porno izle 720p porno izle abella danger alman alman porno alman porno izle aloha tube porno amatör amatör porno amatör porno izle anal anal porno anal porno izle arap porno asa akira porno asyalı porno bangbros porno bangbros porno izle banyoda sikis başörtülü porno beeg porno izle beyaz tenli porno izle biseksuel porno izle bisexsuel porno brandi love porno brazzers brazzers porno izle canli porno canli porno izle çinli porno çinli porno izle ensest porno ensest porno izle ensest seks erotik porno erotik porno izle esmer porno esmer porno izle etek altı fake agent fake taxi fake taxi porno fantazi pornoları fantezi porno izle fetiş porno fetiş porno izle fetish fransız porno fransız porno izle full hd hg porno izle gangbang porno genç kız porno izle genç kız sikişi genç teen porno izle gizli çekim porno gizli çekim pornosu grup pornosu grup porno grup porno izle hd pornolar hd porno hd porno izle hemşire porno hemşire pornosu hizmetçi porno hizmetçi porno izle ingiliz porno japon pornoları japon porno kızlık bozma kızlık bozma porno izle konulu porno konulu porno izle koreli porno köylü pornoları kumral porno kumral porno izle latin pornoları latin porno latin porno izle lezbiyen pornoları lezbiyen porno lezbiyen porno izle lisa ann porno liseli pornoları liseli porno liseli porno izle manken porno manken porno izle masaj porno izle masturbasyon porno izle masturbasyon pornoları mature porno mia khalifa porno mia malkova porno milf porno izle mobil porno mobil porno izle öğrenci porno izle öğretmen porno izle okul porno izle olgun kadın pornosu olgun porno oral porno oral porno izle oral seks porna izle pornhub pornhub porno izle porno film izle porno indir porno izle porno resimler porno star porntube porno izle redtube redtube pornoları riley reid porno rokettube rus pornoları rus porno rus porno izle sakso blowjob porno izle sarışın pornoları sarışın porno sarışın porno izle sarışın pornoları sekreter porno shemale sikiş sikiş sikiş izle şişman porno siyahi pornoları suriyeli pornoları swinger porno tecavüz porno teen porn türbanlı pornoları türbanlı porno türk pornoları türk porno türk porno izle türkçe altyazılı porno türkçe altyazılı porno izle xhamster pornoları xhamster porno xhamster porno izle xnxx xnxx porno xnxx porno izle xvideos xvideos porno izle yaşlı porno yeşilçam porno izle youjizz youporn youporn porno izle zenci porno güvenilir bahis siteleri bahis siteleri casino deneme bonusu casino siteleri deneme bonusu para yatırma bonusu bahis siteleri casino siteleribahis sitesi para yatırma