ONNX phishing service targets Microsoft 365 accounts at financial firms

Using QR codes in PDF attachments, a new phishing-as-a-service (PhaaS) platform called ONNX Store targets Microsoft 365 accounts for staff members of financial institutions.

The software uses Telegram bots to operate and has two-factor authentication (2FA) bypass techniques. It can target both Microsoft 365 and Office 365 email accounts.

The activity was found by researchers at EclecticIQ, and they suspect that ONNX is a renamed Caffeine phishing kit run by the threat actor MRxC0DER, who speaks Arabic.

When the platform began focusing on Russian and Chinese platforms rather than Western services in October 2022, Mandiant made the discovery of caffeine read more about ONNX phishing service targets Microsoft 365 accounts at financial firms.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *