Dataconomy
  • News
  • AI
  • Big Data
  • Machine Learning
  • Trends
    • Blockchain
    • Cybersecurity
    • FinTech
    • Gaming
    • Internet of Things
    • Startups
    • Whitepapers
  • Industry
    • Energy & Environment
    • Finance
    • Healthcare
    • Industrial Goods & Services
    • Marketing & Sales
    • Retail & Consumer
    • Technology & IT
    • Transportation & Logistics
  • Events
  • About
    • About Us
    • Contact
    • Imprint
    • Legal & Privacy
    • Newsletter
    • Partner With Us
    • Writers wanted
Subscribe
No Result
View All Result
Dataconomy
  • News
  • AI
  • Big Data
  • Machine Learning
  • Trends
    • Blockchain
    • Cybersecurity
    • FinTech
    • Gaming
    • Internet of Things
    • Startups
    • Whitepapers
  • Industry
    • Energy & Environment
    • Finance
    • Healthcare
    • Industrial Goods & Services
    • Marketing & Sales
    • Retail & Consumer
    • Technology & IT
    • Transportation & Logistics
  • Events
  • About
    • About Us
    • Contact
    • Imprint
    • Legal & Privacy
    • Newsletter
    • Partner With Us
    • Writers wanted
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

EvilProxy service allows hackers to utilize advanced phishing tactics

by Önder Erdine
September 8, 2022
in News, Cybersecurity
Home News
Share on FacebookShare on TwitterShare on LinkedInShare on WhatsAppShare on e-mail
  • EvilProxy is a reverse-proxy service platform that promises to steal authentication tokens to defeat multi-factor authentication on many sites. The service allows low-skill threat actors who don’t know how to set up reverse proxies to steal otherwise well-protected internet accounts.
  • The business claims to steal usernames, passwords, and session cookies for $150 for ten days, $250 for twenty days, or $400 for a month-long campaign.
  • Attacks against Google accounts are more expensive, costing $250/450/600.
  • Services like EvilProxy effectively bridge the skill gap and provide low-tier threat actors with a low-cost option to steal important accounts.

EvilProxy is a reverse-proxy Phishing-as-a-Service (PaaS) platform that promises to steal authentication tokens to defeat multi-factor authentication (MFA) on Apple, Google, Facebook, Microsoft, Twitter, GitHub, GoDaddy, and even PyPI. The service allows low-skill threat actors who don’t know how to set up reverse proxies to steal otherwise well-protected internet accounts.

What is reverse proxy phishing?

Servers between the intended victim and a genuine authentication endpoint, such as a company’s login form, are reverse proxies. When a victim visits a phishing page, the reverse proxy shows the legal login form, passes requests to the company’s website, and returns answers.

When a victim inputs their credentials and MFA on the phishing page, they are sent to the genuine platform’s server, where the user is logged in and a session cookie is returned.

EvilProxy: A new service that all hackers use advanced phishing tactics
The phishing page is set between the user and a website to steal any input

However, because the threat actor’s proxy is in the middle, it can take the authentication token from the session cookie. Threat actors can then utilize this authentication cookie to log in to the site as the user, circumventing any multi-factor authentication measures that have been enabled.

For a long time, sophisticated APT groups have used reverse proxies to circumvent MFA safeguards on target accounts, some using their own bespoke tools and others utilizing more easily deployable kits like Modlishka, Necrobrowser, and Evilginx2.


Join the Partisia Blockchain Hackathon, design the future, gain new skills, and win!


EvilProxy makes it way too easy for hackers to steal user data

The difference between these phishing frameworks and EvilProxy is that the latter is much easier to set up, with thorough instructional videos and tutorials, a user-friendly graphical interface, and a large collection of cloned phishing sites for famous online services.

According to Resecurity, EvilProxy provides an easy-to-use GUI where threat actors may set up and manage phishing campaigns and all the elements that go with them. For $150 for ten days, $250 for twenty days, or $400 for a month-long campaign, the business claims to steal usernames, passwords, and session cookies. Attacks against Google accounts are more expensive, costing $250/450/600.

EvilProxy: A new service that all hackers use advanced phishing tactics
Any hacker can use the EvilProxy service as cheap as 150$

In a video, Resecurity shows how an assault on a Google account would proceed using EvilProxy. While the service is frequently pushed on numerous clearnet and dark web hacking forums, the clients are vetted, so some prospective purchases are likely to be refused.

According to Resecurity, payment for the service is made on Telegram individually. After making a deposit, the customer gains access to the portal housed on the onion network (TOR). The platform’s testing by Resecurity verified that EvilProxy also provides VM, anti-analysis, and anti-bot protection to filter out invalid or unwanted visitors on the platform’s phishing sites.


Alleged cybersecurity issues of Twitter is causing a headache for the firm


Resecurity explains in the report, “The bad actors are using multiple techniques and approaches to recognize victims and protect the phishing-kit code from being detected. Like fraud prevention and cyber threat intelligence (CTI) solutions, they aggregate data about known VPN services, Proxies, TOR exit nodes and other hosts which may be used for IP reputation analysis (of potential victims).”

EvilProxy: A new service that all hackers use advanced phishing tactics
EvilProxy allows low-tier threat actors with a low-cost option to steal accounts

As MFA use grows, more threat actors turn to reverse-proxy techniques, and the development of a platform that automates everything for criminals and is bad news for security experts and network administrators.


The phishing email detection tool can help users avoid cyber-attacks


For the time being, the only way to address this issue is to use client-side TLS fingerprinting to detect and filter out man-in-the-middle requests. However, the industry’s implementation status is out of pace with the advances.

As a result, services like EvilProxy effectively bridge the skill gap and provide low-tier threat actors with a low-cost option to steal important accounts.

Tags: CybersecurityEvilProxyphisingreverse proxy

Related Posts

How did ChatGPT passed an MBA exam

How did ChatGPT passed an MBA exam?

January 27, 2023
Google code red: ChatGPT and You.com like AI-powered tools threatening the search engine. Moreover, latest Apple Search rumors increased the danger.

Google code red: ChatGPT, You.com and rumors of Apple Search challenge the dominance of search giant

January 26, 2023
Top 5 cybersecurity analytics tools

Navigating the evolving landscape of cyber threats by utilizing advanced data analytics

January 20, 2023
T-Mobile data breach 2023 explained: Learn how did the leak happen and explore T-Mobile data breach history. It is not the first time of the company

T-Mobile data breach 2023: The telecom giant got hacked eight times in the last six years

January 20, 2023
Microsoft layoffs 2023: Amazon job cuts that affect 11,000 employees explained. Big tech layoffs continue... Learn why and what will happen next.

Microsoft layoffs will affect more than 11,000 employees

January 18, 2023
Medibank Data Breach Class Action: Compensation can reach up to $20,000 per person

Medibank Data Breach Class Action: Compensation can reach up to $20,000 per person

January 16, 2023

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

LATEST ARTICLES

How did ChatGPT passed an MBA exam?

AI prompt engineering is the key to limitless worlds

Transform your data into a competitive advantage with AaaS

Google code red: ChatGPT, You.com and rumors of Apple Search challenge the dominance of search giant

Tome AI offers a new way to create presentations easily

Transforming data into insightful information with BI reporting

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy
  • Partnership
  • Writers wanted

Follow Us

  • News
  • AI
  • Big Data
  • Machine Learning
  • Trends
    • Blockchain
    • Cybersecurity
    • FinTech
    • Gaming
    • Internet of Things
    • Startups
    • Whitepapers
  • Industry
    • Energy & Environment
    • Finance
    • Healthcare
    • Industrial Goods & Services
    • Marketing & Sales
    • Retail & Consumer
    • Technology & IT
    • Transportation & Logistics
  • Events
  • About
    • About Us
    • Contact
    • Imprint
    • Legal & Privacy
    • Newsletter
    • Partner With Us
    • Writers wanted
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.