VoidProxy’s Phishing Frenzy: How Cybercriminals Are Hijacking Microsoft and Google Accounts
Multiple attackers are using a new phishing service called VoidProxy to target Microsoft and Google accounts, stealing credentials and session tokens in real time. The attacks, using compromised emails and elaborate phishing sites, have led to numerous account takeovers, according to Okta Threat Intelligence. It’s a phishing-as-a-service nightmare.
Hot Take:
Watch out, folks! The cybercriminals have taken their phishing game to the next level with VoidProxy. It’s like Uber, but for stealing your credentials! This “phishing-as-a-service” is the ultimate hacker subscription box, and it’s serving up stolen goodies faster than you can say “multi-factor authentication.” Keep those passkeys handy, or you might find your precious accounts getting a one-way trip to Hackerland!
Key Points:
- VoidProxy is a new phishing service targeting Microsoft and Google accounts.
- Attackers are using attacker-in-the-middle (AiTM) techniques to steal credentials in real time.
- Phishing attacks leverage compromised email accounts and URL shortening services.
- Stolen data includes login credentials, MFA codes, and session cookies.
- Okta recommends strong authenticators and industry standards for protection.