🚨 Greatness #PhaaS turns a fake Microsoft 365 login page into a potential BEC, data theft, and payment fraud incident.

👨‍💻 Learn how its branded lures, MFA bypass capabilities, and credential theft workflows put business identities at risk: https://any.run/malware-trends/greatness/?utm_source=mastodon&utm_medium=post&utm_campaign=greatness_mtt&utm_term=220626&utm_content=linktomtt

INTERPOL Dismantles Sniper Dz Phishing-as-a-Service

🔗 https://cybersecurefox.com/en/interpol-operation-ramz-sniper-dz-phishing-platform

#sniper #dz #phishing #as #a #service #phaas #group-ib #operation #ramz

📣🚨🪝Group-IB, INTERPOL and Algerian Police have dismantled a decade-old Phishing-as-a-Service (#PhaaS) Network called #SniperDZ, known for providing ready-made login pages to steal credentials. Its alleged developer has been arrested as well.

Read: https://hackread.com/authorities-dismantle-sniperdz-phishing-network/

#CyberSecurity #CyberCrime #Phishing #Algeria #Interpol

🚨 𝗢𝗔𝘂𝘁𝗵 𝗧𝗼𝗸𝗲𝗻 𝗔𝗯𝘂𝘀𝗲 𝗜𝘀 𝗚𝗿𝗼𝘄𝗶𝗻𝗴: 𝗚𝗿𝗲𝗮𝘁𝗻𝗲𝘀𝘀 𝗥𝗲𝘁𝘂𝗿𝗻𝘀 𝘄𝗶𝘁𝗵 𝗗𝗲𝘃𝗶𝗰𝗲 𝗖𝗼𝗱𝗲 𝗣𝗵𝗶𝘀𝗵𝗶𝗻𝗴
We've identified renewed activity associated with the Greatness #PhaaS, which combines #AiTM and Device Code #Phishing to target Microsoft 365 Accounts.

⚠️ Device Code Phishing abuses Microsoft's legitimate device authorization flow to obtain access tokens without directly collecting passwords or MFA codes. This shifts risk from credential theft to token abuse, reducing traditional phishing indicators for SOC teams to detect and investigate.

❗️ Greatness promotes token- and cookie-based access to Microsoft 365 accounts through its Telegram channel, advertising passwordless and code-less account compromise scenarios.

Observed capabilities include:
🔹 Device Code Phishing for M365 token theft
🔹 Phishing templates impersonating DocuSign, OneDrive, Outlook, and Voicemail
🔹 Country-targeted login lures
🔹 Cloudflare-hosted phishing links
🔹 Keyword-based targeting engine
🔹 Centralized administration panel

👨‍💻 Review the analysis session, investigate the phishing flow, and validate detection coverage: https://app.any.run/tasks/dd97835c-8a07-4917-ba23-cb8d8493b174/?utm_source=mastodon&utm_medium=post&utm_campaign=greatness_phaas&utm_term=100626&utm_content=linktoservice

🔍 Track Device Code Phishing activity associated with Greatness and uncover related infrastructure in #ANYRUN TI Lookup: https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=greatness_phaas&utm_content=linktotilookup&utm_term=100626#%7B%22query%22:%22threatName:%5C%22greatness%5C%22%20and%20threatName:%5C%22oauth-ms-phish%5C%22%22,%22dateRange%22:180%7D

🚀 Strengthen phishing detection and accelerate response across your SOC with #ANYRUN: https://any.run/phishing/?utm_source=mastodon&utm_medium=post&utm_campaign=greatness_phaas&utm_term=100626&utm_content=linktophishinglanding

#cybersecurity #infosec

Chinese PhaaS Ecosystem Evolves, Threatens Global Financial Security

The game has changed in the world of phishing: attackers are now using Phishing as a Service (PhaaS) to intercept one-time passcodes and tokenize payment cards, giving them direct control over victims' financial accounts. This sinister shift threatens global financial security, allowing attackers to tap into accounts…

https://osintsights.com/chinese-phaas-ecosystem-evolves-threatens-global-financial-security?utm_source=mastodon&utm_medium=social

#PhishingAsAService #Phaas #FinancialSecurity #GoogleThreatIntelligenceGroup #Gtig

FBI warnt vor PhaaS-Plattform Kali365 – Microsoft-365-Konten im Visier

https://www.all-about-security.de/fbi-warnt-vor-phaas-plattform-kali365-microsoft-365-konten-im-visier/

#phaas #phishing #microsoft365

Tycoon2FA-Phishing nutzt 2FA gegen MS365

Seit Ende April 2026 beobachten Sicherheitsexperten eine neue Welle von Phishing-Angriffen, die selbst die Zwei-Faktor-Authentifizierung (MFA) für eigene, kriminelle Zwecke nutzen.

Mehr: https://maniabel.work/archiv/1591

#2FA #Microsoft365 #PhaaS #Phishing #PhishingAsAService #Trustifi