Pages

MFA is Powerless Against This Vicious New Hacking Tool

Countless security protocols have been put into place in order to stave off potential cyberattacks, but in spite of the fact that this is the case hackers, malicious actors and cybercriminals only keep upping the ante. This has resulted in a cyber arms race, with cybersecurity professionals often playing catchup with the aforementioned malicious actors once all has been said and is now out of the way.

With all of that having been said and now out of the way, it is important to note that a brand new hacking tool has just been noted which might topple the current cybersecurity infrastructure that so many rely on to keep themselves safe online. This tool is called EvilProxy, and it can potentially steal authentication tokens used for MFA on websites with all things having been considered and taken into account.

The most concerning thing about this hacking tool is how easy it is to use because of the fact that this is the sort of thing that could potentially end up turning inexperienced newbie hackers into seasoned professionals who can pose a major threat. A cybersecurity research firm by the name of Resecurity is first discovered this hacking tool which was going by the name of Moloch at that time. They found it widely available on the dark web as PaaS platform which stands for Phishing as a Service.


This hacking tool can significantly improve the efficacy of phishing attacks. It works by taking you to a legitimate login page, one that would not contain any of the red flags that may have made users aware that their information is about to be stolen. The hacking tool then redirects the information that is put in, and that can result in even the most cautious of users having their log in data end up in the wrong hands.

Cybercrime is turning into an industry in its own right, and cybersecurity researchers will have to figure out a way to get ahead of the curve. Until that happens, the risks that are found on the internet will continue to multiply and become more pronounced.

Read next: Common Email Security Practices Called Into Question as 89% of Organizations Suffered Breaches In the Past Year

No comments: