"Tycoon 2FA was widely used by independent affiliates. This means that variants of Tycoon 2FA's attack code that have been cloned or modified by individual adversaries continue circulating."
"Despite the rebound, Tycoon 2FA lost the PhaaS crown, as threat actors have migrated to other platforms, such as Mamba 2FA, EvilProxy, and Sneaky 2FA."
"The overall number of attacks leveraging these four phishing kits has increased following the disruption, from roughly 20 million to over 23 million."
Tycoon 2FA, a phishing-as-a-service platform, was heavily utilized for phishing attacks and two-factor authentication bypasses, impacting half a million organizations. Following a law enforcement operation that seized 330 domains, Tycoon 2FA lost its leading position to platforms like Mamba 2FA and EvilProxy. Despite the disruption, the overall number of phishing attacks increased, indicating that the underlying ecosystem remains resilient. Variants of Tycoon 2FA's code continue to circulate, and the PhaaS landscape is evolving with threat actors modifying and redeploying tools.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]