CyberSecurity news
FlagThis
Bill Toulas@BleepingComputer - 72d
A new phishing-as-a-service platform named "FlowerStorm" is rapidly gaining traction, filling the void left by the recent shutdown of the Rockstar2FA cybercrime service. This platform is specifically designed to target Microsoft 365 accounts, allowing threat actors to easily create and deploy phishing campaigns. FlowerStorm's emergence indicates a rise in sophisticated, automated attacks aimed at Microsoft users.
These campaigns, some of which have recently targeted 20,000 users across the UK and Europe, often use tactics such as Docusign lures to attempt Azure account takeovers. The platform enables attackers to steal credentials and maintain persistent access to the cloud environment, potentially leading to data theft and extortion. This highlights the growing sophistication of cybercriminals and the ease with which they can launch complex phishing schemes.
ImgSrc: www.bleepstatic
References :
These campaigns, some of which have recently targeted 20,000 users across the UK and Europe, often use tactics such as Docusign lures to attempt Azure account takeovers. The platform enables attackers to steal credentials and maintain persistent access to the cloud environment, potentially leading to data theft and extortion. This highlights the growing sophistication of cybercriminals and the ease with which they can launch complex phishing schemes.
ImgSrc: www.bleepstatic
Share:
References :
- BleepingComputer: A new Microsoft 365 phishing-as-a-service platform called 'FlowerStorm' is growing in popularity, filling the void left behind by the sudden shutdown of the Rockstar2FA cybercrime service.
- www.bleepingcomputer.com: A new Microsoft 365 phishing-as-a-service platform called "FlowerStorm" is growing in popularity, filling the void left behind by the sudden shutdown of the Rockstar2FA cybercrime service.
- DataBreaches.Net: New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA
- malware.news: New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA
- Sophos News: Major Phishing-as-a-Service Platform Disrupted, Successor Platform Emerges with Similar Infrastructure
- The Hacker News: Rockstar2FA Collapse Fuels Expansion of FlowerStorm Phishing-as-a-Service
- www.scworld.com: Novel FlowerStorm PhaaS gains traction after Rockstar2FA disruption
- malware.news: Novel FlowerStorm PhaaS gains traction after Rockstar2FA disruption
- news.sophos.com: #FlowerStorm #phishing platform emerges after #Rockstar2FA disruption.
- databreaches.net: New FlowerStorm Microsoft phishing service fills void left by Rockstar2FA
- securityonline.info: FlowerStorm Seizes Opportunity as Rockstar2FA Crumbles
Classification:
- HashTags: #Phishing #Microsoft365 #Cybersecurity
- Company: Microsoft
- Target: Microsoft 365 users
- Product: Microsoft 365
- Feature: phishing
- Malware: FlowerStorm
- Type: Phishing
- Severity: Medium