Sep 6, 2022

New EvilProxy service lets all hackers use advanced phishing tactics

Posted by in category: cybercrime/malcode

A reverse-proxy Phishing-as-a-Service (PaaS) platform called EvilProxy has emerged, promising to steal authentication tokens to bypass multi-factor authentication (MFA) on Apple, Google, Facebook, Microsoft, Twitter, GitHub, GoDaddy, and even PyPI.

The service enables low-skill threat actors who don’t know how to set up reverse proxies to steal online accounts that are otherwise well-protected.

Reverse proxies are servers that sit between the targeted victim and a legitimate authentication endpoint, such as a company’s login form. When the victim connects to a phishing page, the reverse proxy displays the legitimate login form, forwards requests, and returns responses from the company’s website.

Leave a reply