Cybercriminals Use New 'Tycoon 2FA' Kit to Bypass MFA and Steal User Credentials
-
Cybercriminals are using a new "Tycoon 2FA" phishing kit to bypass MFA and steal Microsoft 365 and Gmail login cookies.
-
Tycoon 2FA uses a 7-stage process involving phishing links, bot filters, credential stealing, fake 2FA challenges, etc. to intercept victims' sessions.
-
A new 2023 version improved Tycoon 2FA's evasion capabilities against security tools using delayed loading, URL randomization, etc.
-
The Bitcoin wallet linked to Tycoon 2FA has seen over 1,800 transactions totaling $394,015 since October 2019 as it gained popularity.
-
Tycoon 2FA is the latest addition to the growing phishing-as-a-service ecosystem already offering MFA-bypassing platforms like LabHost and Greatness.