A phishing-as-a-service platform called “Greatness” is facilitating phishing attacks against Microsoft 365 accounts, according to researchers at Sucuri.
“Greatness operates as a Phishing as a Service (PhaaS) platform, providing a number of features and components for bad actors to conduct their phishing attacks against Microsoft 365 accounts,” the researchers write.
“URLScan results show thousands of affected pages related to this kit. Once bad actors acquire a license and make the payment, they are provided with the software used to launch these attacks. The software can be hosted anywhere but we have seen a number of infections on compromised websites, hidden deep within the website structure.”
The platform gives attackers an easy-to-use interface to craft convincing phishing emails.
“The ‘Office Page’ functions as a campaign builder, enabling phishers to craft detailed phishing campaigns, create convincing emails equipped with deceptive links, or create attachments embedded with malware,” the researchers write. “The platform facilitates easy creation of attack templates and offers customization for tailoring the phishing attack, such as modifying backgrounds to mimic various file types and an ‘autograb’ function, streamlining the phishing process by setting the target account in advance.”
Notably, the kit offers features that enable attackers to bypass multi-factor authentication.
“Greatness uses a sophisticated authentication procedure,” Sucuri says. “After a victim enters their password, the tool verifies if multi-factor authentication (MFA) is enabled. If MFA is active, the tool prompts victims for additional information. Utilizing Microsoft’s API, the tool can then procure a valid session cookie.”
The researchers conclude that phishing kits like Greatness lower the bar for unskilled criminals to craft convincing social engineering attacks.
“With this toolkit, even novices with little technical knowledge can launch damaging phishing attacks,” the researchers write. “This accessibility amplifies the potential for harm, as it lowers the threshold for individuals to participate in and profit from cybercrime.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Sucuri has the story.
