Man
Professional
- Messages
- 2,954
- Reaction score
- 477
- Points
- 83
The company has revealed new techniques, including the use of QR codes and MFA bypass.
Microsoft has taken massive action against cybercrime, taking down 240 fake websites linked to the Egyptian gang led by Abanub Nadi. Under the name "MRxC0DER", it developed and sold phishing kits known as "Phishing-as-a-Service" (PhaaS), which were used by attackers to carry out attacks on Microsoft and other organizations' accounts. The products were distributed through the fake "ONNX" brand, which mimicked a legitimate machine learning tool.
These phishing kits allow you to bypass two-factor authentication (MFA) using "enemy in the middle" (AiTM) techniques. With their help, attackers intercept network communications, steal credentials and authentication cookies. Attacks like this are growing at a tremendous rate, with Microsoft recording a 146% increase this year.
One of the new methods of deception is the use of QR codes ("quishing"), which redirect users to fake login pages. Since September 2023, nearly a quarter of all phishing emails have contained malicious QR codes, making it difficult to detect and prevent such threats.
The dismantling of the phishing site network was made possible by a civil court ruling in Eastern Virginia County, which placed the fraudsters' technical infrastructure under Microsoft's control. This disrupted the supply chain of phishing tools and protected users from further attacks. Microsoft's actions also included working with the Linux Foundation, which owns the registered trademark ONNX, to counter the illegal use of their brand.
Since discovering Abanub Nadi's activities in 2017, he has not only used the ONNX brand, but also developed other platforms such as "Caffeine" and "FUHRER". Its products were sold through Telegram and accompanied by training materials that helped buyers launch phishing campaigns on a large scale.
Despite this success, Microsoft emphasizes that the fight against cybercrime requires constant attention and joint efforts. While eliminating the current threat deals a severe blow to criminal operations, other threat actors are likely to fill the vacated niche. Therefore, the continuation of technical and legal measures remains an important part of the strategy to protect users in the digital environment.
Source
Microsoft has taken massive action against cybercrime, taking down 240 fake websites linked to the Egyptian gang led by Abanub Nadi. Under the name "MRxC0DER", it developed and sold phishing kits known as "Phishing-as-a-Service" (PhaaS), which were used by attackers to carry out attacks on Microsoft and other organizations' accounts. The products were distributed through the fake "ONNX" brand, which mimicked a legitimate machine learning tool.
These phishing kits allow you to bypass two-factor authentication (MFA) using "enemy in the middle" (AiTM) techniques. With their help, attackers intercept network communications, steal credentials and authentication cookies. Attacks like this are growing at a tremendous rate, with Microsoft recording a 146% increase this year.
One of the new methods of deception is the use of QR codes ("quishing"), which redirect users to fake login pages. Since September 2023, nearly a quarter of all phishing emails have contained malicious QR codes, making it difficult to detect and prevent such threats.
The dismantling of the phishing site network was made possible by a civil court ruling in Eastern Virginia County, which placed the fraudsters' technical infrastructure under Microsoft's control. This disrupted the supply chain of phishing tools and protected users from further attacks. Microsoft's actions also included working with the Linux Foundation, which owns the registered trademark ONNX, to counter the illegal use of their brand.
Since discovering Abanub Nadi's activities in 2017, he has not only used the ONNX brand, but also developed other platforms such as "Caffeine" and "FUHRER". Its products were sold through Telegram and accompanied by training materials that helped buyers launch phishing campaigns on a large scale.
Despite this success, Microsoft emphasizes that the fight against cybercrime requires constant attention and joint efforts. While eliminating the current threat deals a severe blow to criminal operations, other threat actors are likely to fill the vacated niche. Therefore, the continuation of technical and legal measures remains an important part of the strategy to protect users in the digital environment.
Source