Microsoft Warns of Large-Scale AiTM Phishing Attacks Against Over 10,000 Organizations

From thehackernews.com

AiTM Phishing Attacks

Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365’s authentication process even on accounts secured with multi-factor authentication (MFA).

“The attackers then used the stolen credentials and session cookies to access affected users’ mailboxes and perform follow-on business email compromise (BEC) campaigns against other targets,” the company’s cybersecurity teams reported.

The intrusions entailed setting up adversary-in-the-middle (AitM) phishing sites, wherein the adversary deploys a proxy server between a potential victim and the targeted website so that recipients of a phishing email are redirected to lookalike landing pages designed to capture credentials and MFA information.

Read more…