- Identity-based attacks have grown since 2023
- Crooks use cheap malware and PhaaS platforms in attacks
- Login information is used in BEC campaigns
Hackers are increasingly going after employees' login credentials, helped by advanced tools that are both cheap and easy to get, experts have warned.
This is the sentiment echoed in a new report from eSentire, which found that so-called "identity-based attacks" have increased more than twofold (156%) since 2023.
In the first quarter of 2025 alone, this type of attack accounted for more than half (59%) of all confirmed cyber incidents.
Business email compromise
eSentire singled out two things that made the increase in identity-based attacks possible: phishing-as-a-service (PhaaS) platforms such as Tycoon 2FA, and cheap, readily available infostealing malware.
Tycoon 2FA acts as an adversary-in-the-middle (AiTM) tool, collecting login credentials and session cookies in real time for services such as Microsoft 365 or Gmail.
Furthermore, with its own proprietary CAPTCHA algorithms, it can avoid automated scanners, and with obfuscated JavaScript, invisible Unicode characters and fingerprinting, it has become quite good at avoiding detection. It costs up to $300 a month, making it a pretty attractive addition to any threat actor's tech stack.
Those who can't afford it (or simply don't want to) can go for an even cheaper option: infostealing malware that costs no more than $100 and can often be found for as little as $10. These tools extract credentials from browsers, password managers and VPN configurations.
Crooks would use the data obtained to run business email compromise (BEC) attacks. They would either break into managers' emails or impersonate senior business officers, sending other employees emails that trick them into wiring money or sharing sensitive files that are later used in extortion campaigns.
eSentire recommends that organizations adopt phishing-resistant MFA solutions (for example, biometrics or hardware-based tokens), perform continuous identity monitoring and real-time threat monitoring using AI-driven platforms, prioritize employee training and implement "proactive vulnerability control" and patching protocols.
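To make the identity-monitoring recommendation concrete, here is an added example (not taken from eSentire's report) of one check a defender can run: flag a session cookie that is later used by a client that never completed the sign-in, which is what a cookie captured through an AiTM page looks like in logs. The event layout, field names and the `find_replayed_sessions` function are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events (not from the report): time, user, session id,
# source IP, user agent, action. "login" = interactive sign-in with MFA.
EVENTS = [
    ("2025-03-03T09:00:12Z", "alice", "s-1001", "198.51.100.7", "Chrome/133 Windows", "login"),
    ("2025-03-03T09:04:40Z", "alice", "s-1001", "198.51.100.7", "Chrome/133 Windows", "mail.read"),
    ("2025-03-03T09:05:02Z", "alice", "s-1001", "203.0.113.50", "python-requests/2.32", "mail.read"),
    ("2025-03-03T09:05:09Z", "alice", "s-1001", "203.0.113.50", "python-requests/2.32", "inbox_rule.create"),
    ("2025-03-03T10:11:00Z", "bob", "s-2002", "192.0.2.21", "Safari/18 macOS", "login"),
    ("2025-03-03T10:30:00Z", "bob", "s-2002", "192.0.2.21", "Safari/18 macOS", "file.download"),
]


def find_replayed_sessions(events):
    """Return alerts for sessions used from a client that never authenticated.

    A session is bound to the (IP, user agent) pairs seen at its login events;
    any later event from another pair is reported once per new client.
    """
    bound = defaultdict(set)  # session id -> clients that signed in
    reported = set()          # (session id, client) pairs already alerted on
    alerts = []
    for ts, user, sid, ip, ua, action in sorted(events):  # ISO times sort correctly
        client = (ip, ua)
        if action == "login":
            bound[sid].add(client)
            continue
        if client in bound[sid] or (sid, client) in reported:
            continue
        reported.add((sid, client))
        reason = "client differs from login" if bound[sid] else "no login seen"
        alerts.append({"time": ts, "user": user, "session": sid, "ip": ip,
                       "user_agent": ua, "first_action": action, "reason": reason})
    return alerts


if __name__ == "__main__":
    for alert in find_replayed_sessions(EVENTS):
        print(alert)
```

Roaming clients change IP address legitimately, so a hit is a signal to correlate with follow-on actions such as new inbox rules rather than a verdict on its own.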
Via The Register



