"Growing Number of Phish Kits Bypass MFA"

Security researchers at Proofpoint found that multi-factor authentication (MFA) finally appears to have reached a tipping point of user adoption.  Security researchers have found that  79% of UK and US users deployed some kind of second-factor authentication in 2021 versus 53% in 2019.  However, the threat landscape is changing as a result.  Phishing kits offer a cheap-and-easy way for budding cyber-criminals to launch and monetize campaigns.  In recent years,  researchers have observed the emergence of a new type of kit that does not rely on recreating a target website.  Instead, these kits use a transparent reverse proxy to present the actual website to the victim.  The security researchers stated that the advantage of the reverse proxy is that it allows the threat actor to man-in-the-middle (MitM) a session and capture not only the usernames and passwords in real-time but also the session cookie.  The researchers noted that these cookies could then be used to access a targeted account without needing a username, password, or MFA token.  Proofpoint has already noticed an uptick in the availability of such phishing kits and warned that the trend would only increase as MFA becomes more popular. 

Infosecurity reports: "Growing Number of Phish Kits Bypass MFA"