[x] Block Tycoon 2FA AiTM phishing kit used to bypass 2FA.
Description
In mid-February 2024, we identified a new emerging version of the Tycoon 2FA that was widely distributed in the wild. This new version enhances its obfuscation and anti-detection capabilities and changes network traffic patterns.
Enhancement idea
Tycoon 2FA
AiTM phishing kit used to bypass 2FA.
Links
https://blog.sekoia.io/tycoon-2fa-an-in-depth-analysis-of-the-latest-version-of-the-aitm-phishing-kit/
IOC
I2P websites
n/a
IPFS websites
n/a
Tor2web websites
n/a
TOR websites
n/a
URLs
n/a
Folders
n/a
Sub-Domains
n/a
Domains
IPs
n/a
ASNs
n/a
Emails
n/a
Wallet addresses
Above: Bitcoin Wallet.
Mining pool addresses
n/a