EvilProxy Malware Steals Session Tokens bypassing MFA on Victim’s Email Account

The reason this works so well, is that the victim’s sessions appear to work just fine while logging into their 365 account.  The hacker’s stolen session key allows them to bypass MFA allowing them to setup a new MFA token, change forwarding rules and do anything else they want as they have already been granted access to the hacked users O365 email account.

Source: CyberHoot

 


Date:

Categorie(s):