Caffeine service lets anyone launch Microsoft 365 phishing attacks


Hacker staring at numerous screens

While investigating phishing activity targeting Mandiant Managed Defense customers in March 2022, Managed Defense analysts discovered malicious actors using a shared Phishing-as-a-Service (PhaaS) platform called “Caffeine”. This platform has an intuitive interface and comes at a relatively low cost while providing a multitude of features and tools to its criminal clients to orchestrate and automate core elements of their phishing campaigns. These features include (but are not limited to) self-service mechanisms to craft customized phishing kits, manage intermediary redirect pages and final-stage lure pages, dynamically generate URLs for hosted malicious payloads, and track campaign email activity.

Read more…