216.73.217.139

Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)

· Published 04/12/2024 23:12 · Modified 05/12/2024 10:25

Export JSON

Essential information

Published
04/12/2024 23:12
Modified
05/12/2024 10:25
Tags
2024-12-03 2024-12-04 aitm dadsec email campaigns microsoft 365 phishing phishing-as-a-service rockstar rockstar 2fa
Related entities
51 observables, 6 techniques (mitre)

Description

This analysis explores the kit, focusing on real-world email campaign examples. It highlights various techniques used by attackers, including the abuse of legitimate services for FUD (Fully Undetectable) links, such as Microsoft OneDrive, OneNote, Dynamics 365, Atlassian Confluence, and Google Docs Viewer. The use of QR codes in attempts and the insertion of stolen email threads to inflate message size are also discussed. The article emphasizes the multi-stage nature of these attacks and the importance of caution when dealing with emails sent through trusted platforms.

External references