{"id":135978,"date":"2022-02-23T09:42:31","date_gmt":"2022-02-23T17:42:31","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2022\/02\/devious-phishing-method-bypasses-mfa-using-remote-access-software"},"modified":"2022-02-23T09:42:31","modified_gmt":"2022-02-23T17:42:31","slug":"devious-phishing-method-bypasses-mfa-using-remote-access-software","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2022\/02\/devious-phishing-method-bypasses-mfa-using-remote-access-software","title":{"rendered":"Devious phishing method bypasses MFA using remote access software"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/devious-phishing-method-bypasses-mfa-using-remote-access-software2.jpg\"><\/a><\/p>\n<p>The researcher also told BleepingComputer that websites, such as LinkedIn, detect man-in-the-middle (MiTM) attacks and <a href=\"http:\/\/github.com\/kgretzky\/evilginx2\/issues\/697\" target=\"_blank\" rel=\"nofollow noopener\">deactivate accounts after successful login<\/a>s.<\/p>\n<p>To overcome this obstacle, mr.d0x came up with a devious new phishing technique that uses the noVNC remote access software and browsers running in kiosk mode to display email login prompts running on the attacker\u2019s server but shown in the victim\u2019s browser.<\/p>\n<p>VNC is a remote access software that allows remote users to connect to and control a logged-in user\u2019s desktop. Most people connect to a VNC server through dedicated VNC clients that open the remote desktop in a similar manner to Windows Remote Desktop.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The researcher also told BleepingComputer that websites, such as LinkedIn, detect man-in-the-middle (MiTM) attacks and deactivate accounts after successful logins. To overcome this obstacle, mr.d0x came up with a devious new phishing technique that uses the noVNC remote access software and browsers running in kiosk mode to display email login prompts running on the attacker\u2019s [\u2026]<\/p>\n","protected":false},"author":396,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-135978","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/135978","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/396"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=135978"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/135978\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=135978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=135978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=135978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}