Phishing

  • Published on
    Rockstar2FA, originally known as Dadsec OTT Rockstar has been extremely active lately with thousands of URLs blocked per month. We explore the most recent version of their PhaaS pages and explore the methods utilised for defense evasion, credential harvesting and communication. Read for high fidelity EntraID and webpage indicators.
  • Published on
    In recent investigations into advanced phishing techniques, we analysed current PaaS portals and discovered new tactics employed by what appears to be an updated iteration of previously reported PaaS platforms, tentatively named Tycoon. Recent activity observed on Telegram coincided with the rollout of anti-bot measures, indicating ongoing enhancements in defense evasion strategies.