Home/News/New Phishing Kits Target Microsoft 365, Evade MFA
BleepingComputer2 min read

By Interestana AI Editorial — AI-drafted, human-overseen. How we report

New Phishing Kits Target Microsoft 365, Evade MFA

Two sophisticated phishing kits, identified as Jalisco and OmegaLord, have emerged, specifically targeting Microsoft 365 accounts with advanced evasion techniques. These kits are designed to circumvent multi-factor authentication (MFA), a critical security layer, making them a significant threat to user accounts. The discovery was made by security researchers who observed these kits in active campaigns.

Jalisco, one of the identified kits, utilizes a technique that involves redirecting victims to legitimate Microsoft login pages after initial credential capture. This method aims to trick users into believing they are interacting with a genuine Microsoft service, thereby increasing the likelihood of successful credential theft. The kit's architecture allows for the seamless transfer of session cookies, which can then be used to bypass MFA prompts.

OmegaLord, the second kit, employs a different but equally effective strategy. It focuses on capturing MFA codes directly from users through deceptive prompts that mimic legitimate authentication processes. This approach exploits user trust and the urgency often associated with MFA requests. Both kits demonstrate a growing trend in cybercriminal sophistication, moving beyond basic credential harvesting to actively defeat modern security measures.

The threat actors behind these kits are leveraging these tools to gain unauthorized access to sensitive data and corporate resources within Microsoft 365 environments. The implications are far-reaching, potentially leading to data breaches, financial fraud, and further downstream attacks. Security professionals are advising users to remain vigilant, scrutinize login pages, and be wary of unexpected authentication requests, even when they appear to originate from trusted services like Microsoft.

Original source — read the full reporting at the publisher:

Read on BleepingComputer

Get the weekly AI digest

AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.

Read next