Found 2 bookmarks
Custom sorting
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
Since early March 2025, Volexity has observed multiple suspected Russian threat actors conducting highly targeted social engineering operations aimed at gaining access to the Microsoft 365 (M365) accounts of targeted individuals. This activity comes on the heels of attacks Volexity reported on back in February 2025, where Russian threat actors were discovered targeting users and organizations through Device Code Authentication phishing...
#volexity#2025#EN#Russia#M365#Microsoft365#phishing#NGO#OAuth#UTA0352#login.microsoftonline.com
·volexity.com·
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
W3LL oiled machine: Group-IB uncovers covert BEC phishing empire targeting Microsoft 365
W3LL oiled machine: Group-IB uncovers covert BEC phishing empire targeting Microsoft 365
The report details the operations of W3LL, a threat actor behind a phishing empire that has remained largely unknown until now. Group-IB’s Threat Intelligence and Cyber Investigations teams have tracked the evolution of W3LL and uncovered that they played a major role in compromising Microsoft 365 business email accounts over the past 6 years. The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors who could purchase a custom phishing kit called W3LL Panel, designed to bypass MFA, as well as 16 other fully customized tools for business email compromise (BEC) attacks. Group-IB investigators identified that W3LL’s phishing tools were used to target over 56,000 corporate Microsoft 365 accounts in the USA, Australia and Europe between October 2022 and July 2023. According to Group-IB’s rough estimates, W3LL’s Store’s turnover for the last 10 months may have reached $500,000. All the information collected by Group-IB’s cyber investigators about W3LL has been shared with relevant law enforcement organizations. PDF Document
#group-ib#EN#2023#BEC#phishing#W3LL#Microsoft365
·group-ib.com·
W3LL oiled machine: Group-IB uncovers covert BEC phishing empire targeting Microsoft 365